Cybersecurity Threats a Chief Concern for DHS

Recently, instances of GPS jamming and spoofing in the shipping industry have threatened the reliability of our global navigation system, urging the United States to test backup solutions for GPS in the event of future disruptions and establish a Space Command to mitigate potential complications with Russia and China. Now, the United States faces another dilemma: cybersecurity.

On Monday, September 9th, during a field hearing at the National September 11 Memorial Museum in New York City, former Department of Homeland Security secretaries Michael Chertoff, Janet Napolitano, and Jeh Johnson voiced concerns regarding cyber threats to the United States. 

According to Napolitano, cybersecurity ranks as one of the top three threats to the United States, with election infrastructure, utility grids, and critical infrastructure particularly vulnerable.

Calling for an immediate response to these threats, Napolitano suggested the establishment of a commission similar to the one established after the September 11 attacks. Similarly, Chertoff recommended that further resources be provided to the DHS’s Cybersecurity and Infrastructure Security Agency, which was founded in 2018 to respond to such issues. 

Since Russia’s interference in the 2016 elections, the DHS has paid particular attention to cybersecurity threats with election infrastructure. According to Johnson, both President Trump and Congress failed to take adequate action in response to Russia’s interference in the election.

Yet, Russia’s interference doesn’t conclude with our elections. In 2018, the DHS and FBI issued an alert stating that Russia has been targeting U.S. critical infrastructure—particularly, our utility grid—since 2016.

In 2017, Russia used malware and spear-phishing to hack into and gain access to one of the United States’ power plant’s control system in what the DHS calls a “multistage intrusion campaign.” According to Joel Brenner, head of counterintelligence under the Director of National Intelligence under the Obama administration, the Russians were “placing the tools that they would have to place in order to turn off the power. That’s a serious vulnerability for us, and we’re not anywhere near ready to deal with it.”

In addition, last week, Georgia Cyber Center Executive Director Eric Toler warned that the U.S. power grid is growing more vulnerable to attack from foreign governments, citing Russia, China, North Korea, and Iran as possible adversaries.

The United States Utility Grid is vulnerable to such cyberattacks due to the use of phase synchronization, which relies on GPS signals for timing. Phasor Measurement Units (PMUs), which synchronize services among power networks and find malfunctions within transmission networks, rely on GPS to time-stamp their measurements. As witnessed throughout the last few months, the United States’ GPS is particularly vulnerable to jamming and spoofing, subsequently making its utility grid susceptible to cyberattacks.  

If a foreign government were to manipulate a PMU’s timestamp using GPS jamming or spoofing, the grid could overheat or transformers and lines could become overloaded, resulting in blackouts.

Luckily, there is a solution that could mitigate potential threats to the U.S. Utility Grid. Satelles’ Satellite Time and Location (STL), whose signals are impervious to jamming or spoofing, serves as an augmentation for GPS signals, ensuring that timing and synchronization information is accurate. Origination from a low-earth-orbiting satellite constellation, STL signals are 1,000 times stronger than those of GPS and provide location-specific data that is updated every few seconds. To learn more about STL, visit our Technology page

Sources: https://thehill.com/policy/cybersecurity/460580-former-homeland-security-secretaries-call-for-action-to-address, https://www.aikenstandard.com/news/cyber-expert-warns-foreign-threats-could-target-critical-infrastructure-in/article_ea5ea312-d0a9-11e9-8f22-4bc83543fe39.html, https://www.npr.org/2018/03/23/596044821/russia-hacked-u-s-power-grid-so-what-will-the-trump-administration-do-about-it