Electrical disruptions caused by squirrels are common and widespread, and can involve the disruption of power grids. It has been hypothesized that the threat to the internet, infrastructure and services posed by squirrels may exceed that posed by cyber-attacks. [1] Although many commentators have highlighted humorous aspects of the concern, squirrels have proven consistently able to cripple power grids in many countries, [2] and the danger posed to the electrical grid from squirrels is ongoing and significant. [3] [4] This has led to the compilation of tabulations and maps of the relevant data. [5]
Between Memorial Day (May 27, 2013) and August 31, 2013, at least 50 power outages caused by squirrels (POCBS) were recorded in 24 U.S. states. [6] Cities affected by POCBS included Mason City, Iowa and Portland, Oregon. [7] Most media coverage of such events has compared the number of electrical grid shutdowns due to squirrels with those due to terrorists. Commentators often embellish and parody descriptions of the squirrels responsible for interrupting electrical service with allusions to military action or concerns, for example: "Squirrels mobilize, plot acts of cyber terrorism against humankind—And they're not acting alone." [8] or "Squirrelus interruptus: 5 things shut down by squirrels—How can a squirrel bring a nuclear weapons site to its knees?" [7] Electrical grids are not the only type of infrastructure at risk from squirrels; nuclear weapons sites have also been described as targets of squirrel attention. Ground squirrels have interfered with underground nuclear missile sites at Malmstrom Air Force Base in Montana. The squirrels are able to tunnel under fences, bypassing motion detectors. Like their arboreal relatives, they can damage electrical cables by biting them. In addition, those that do take above-ground routes onto the base trigger thousands of false alarms each year. [7]
Squirrels damage electrical distribution facilities by tunneling, by chewing through electrical insulation, or by simultaneously coming into contact with two conductors at different electrical potentials. [9] [10] Typically the animal is killed by the passage of current through its body. [11] Prevention is complicated by the ability of squirrels to bypass plastic animal guards, gnaw through insulation and squeeze through small openings into substations. [12]
Squirrel-caused grid disruption in the U.S. is monitored by the American Public Power Association (APPA). [12] The APPA has developed a data tracker called "The Squirrel Index" (TSqI) to analyze the pattern and timing of "squirrel attacks" on electrical power systems. The TSqI is a metric that quantifies the rate per 1,000 customers over a period of time, and indicates two peak periods of highest "squirrel activity" or "squirrel peaking months" (SqPMS) in the year, in May–June and October–November, when disruption is greatest. [13]
According to a survey by one security expert, the real threat to critical infrastructure around the globe comes from squirrels. It has been found that squirrels cause more damage to critical infrastructure than cyber wars launched by enemy states or organizations. [14]
Intentional damage by human terrorists is often the first concern in assessing threats to the U.S. power supply; some cybersecurity experts believe a country's infrastructure, such as its power grid, is a likely terrorist target. But according to the security researcher Cris Thomas, also known by the pseudonym Space Rogue, "We've had power outages caused by squirrels in all 50 states ... [including] Hawaii, where they don't even have squirrels, but they do have chickens." [15] [16]
In 1987 a 90-minute loss of power to Nasdaq's automated trading computer, caused by a squirrel, affected twenty million trades. [9] [17] [18] Nasdaq was shut down for about 30 minutes again in 2014 by a squirrel-induced power outage. [19] [20] [21] Other commentators have noted that actual cyber attacks by human terrorists are much rarer than disruption caused by squirrels. [14]
John C. Inglis, the former deputy director of the U.S. National Security Agency, said in 2015 that he judged the electrical grid was as likely to be paralyzed by a natural disaster as by a cyberattack and added: "[F]rankly, the No. 1 threat experienced to date by the U.S. electrical grid is squirrels." [22] [23]
Similar concerns exist in Germany, where in 2005, a "cyber squirrel" crippled the entire electrical grid south of the River Elster for an hour. This squirrel was described as "a furry suicide bomber" ("pelzige[r] Selbstmordattentäter"). [24]
Squirrels have been the cause of many power outages in Pennsylvania. [n 1] Cris Thomas has said that as of January 2017 in the United States there have been six deaths associated with squirrel interference with infrastructure, such as downed power lines (and two with other animals). [18]
One commentator criticized the UK press for what he saw as an emphasis on "the ethnic struggle between Britain's populations of red and grey squirrels, and the latter's demonization (as immigrants and terrorists) and threatened eradication". [43] In at least one circumstance, a physical attack by a squirrel has been characterized as a "terrorist squirrel." [44]
Computer security, cybersecurity, digital security or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.
Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, and programming scripts can all be forms of internet terrorism. Cyberterrorism is a controversial term. Some authors opt for a very narrow definition, relating to deployment by known terrorist organizations of disruption attacks against information systems for the primary purpose of creating alarm, panic, or physical disruption. Other authors prefer a broader definition, which includes cybercrime. Participating in a cyberattack affects the terror threat perception, even if it isn't done with a violent approach. By some definitions, it might be difficult to distinguish which instances of online activities are cyberterrorism or cybercrime.
Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.
A blended threat is a software exploit that involves a combination of attacks against different vulnerabilities. Blended threats can be any software that exploits techniques to attack and propagate threats, for example worms, trojan horses, and computer viruses.
Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."
United States Cyber Command (USCYBERCOM) is one of the eleven unified combatant commands of the United States Department of Defense (DoD). It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integrates and bolsters DoD's cyber expertise, which focuses on securing cyberspace.
Cyberwarfare is the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. As a major developed economy, the United States is highly dependent on the Internet and therefore greatly exposed to cyber attacks. At the same time, the United States has substantial capabilities in both defense and power projection thanks to comparatively advanced technology and a large military budget. Cyber warfare presents a growing threat to physical systems and infrastructures that are linked to the internet. Malicious hacking from domestic or foreign enemies remains a constant threat to the United States. In response to these growing threats, the United States has developed significant cyber capabilities.
Cyberwarfare by China is the aggregate of all combative activities in the cyberspace which are taken by organs of the People's Republic of China, including affiliated advanced persistent threat (APT) groups, against other countries.
Jeffrey Carr is a cybersecurity author, researcher, entrepreneur and consultant, who focuses on cyber warfare.
A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack (DDoS).
SCADA Strangelove is an independent group of information security researchers founded in 2012, focused on security assessment of industrial control systems (ICS) and SCADA.
A threat actor, bad actor or malicious actor is either a person or a group of people that take part in an action that is intended to cause harm to the cyber realm including: computers, devices, systems, or networks. The term is typically used to describe individuals or groups that perform malicious acts against a person or an organization of any type or size. Threat actors engage in cyber related offenses to exploit open vulnerabilities and disrupt operations. Threat actors have different educational backgrounds, skills, and resources. The frequency and classification of cyber attacks changes rapidly. The background of threat actors helps dictate who they target, how they attack, and what information they seek. There are a number of threat actors including: cyber criminals, nation-state actors, ideologues, thrill seekers/trolls, insiders, and competitors. These threat actors all have distinct motivations, techniques, targets, and uses of stolen data. See Advanced persistent threats for a list of identified threat actors.
On December 23, 2015, the power grid in two western oblasts of Ukraine was hacked, which resulted in power outages for roughly 230,000 consumers in Ukraine for 1-6 hours. The attack took place during the ongoing Russo-Ukrainian War (2014-present) and is attributed to a Russian advanced persistent threat group known as "Sandworm". It is the first publicly acknowledged successful cyberattack on a power grid.
Industroyer is a malware framework considered to have been used in the cyberattack on Ukraine’s power grid on December 17, 2016. The attack cut off power to a fifth of Kyiv, the capital, for one hour and is considered to have been a large-scale test. The Kyiv incident was the second cyberattack on Ukraine's power grid in two years. The first attack occurred on December 23, 2015. Industroyer is the first known malware specifically designed to attack electrical grids. At the same time, it is the fourth malware publicly revealed to target industrial control systems, after Stuxnet, Havex, and BlackEnergy.
Cris Thomas is an American cybersecurity researcher, white hat hacker, and award winning best selling author. A founding member and researcher at the high-profile hacker security think tank L0pht Heavy Industries, Thomas was one of seven L0pht members who testified before the U.S. Senate Committee on Governmental Affairs (1998) on the topic of government and homeland computer security, specifically warning of internet vulnerabilities and claiming that the group could "take down the internet within 30 minutes".
Sandworm is an advanced persistent threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include Telebots, Voodoo Bear, IRIDIUM, Seashell Blizzard, and Iron Viking.
The IT Army of Ukraine is a volunteer cyberwarfare organisation created at the end of February 2022 to fight against digital intrusion of Ukrainian information and cyberspace after the beginning of the Russian invasion of Ukraine on February 24, 2022. The group also conducts offensive cyberwarfare operations, and Chief of Head of State Special Communications Service of Ukraine Victor Zhora said its enlisted hackers would only attack military targets.
On December 3, 2022, a shooting attack was carried out on two electrical distribution substations located in Moore County, North Carolina, United States. Damage from the attack left up to 40,000 residential and business customers without electrical power. Initial estimates were that up to four days could be required to fully restore power in the area. A state of emergency and corresponding curfew were enacted by local government officials in the wake of the incident.
Electrical grid security in the United States involves the physical and cybersecurity of the United States electrical grid. The smart grid allows energy customers and energy providers to more efficiently manage and generate electricity. Similar to other new technologies, the smart grid also introduces new security concerns.