First Ever DoS Cyber-Attack On A US Power Grid Detailed In Startling Report
According to NERC's report, the problem was caused by outdated firmware. A firmware fix for the vulnerability that allowed this attack had been released before the attack, but internal processes were too lax to ensure the patch was applied in time. Even after applying the patch, NERC continued to address the problem by adding safeguards to the networks. The steps taken (and recommended to others as protection against attacks like this one) include the following:
- Employing virtual private networks (VPNs)
- Having fewer devices connected directly to the Internet, which reduces "attack surface" or potential points of failure
- Implementing ACLs (access control lists) as an additional filter to inbound traffic, even before the firewall
- ...and many others, mostly stricter monitoring both of exploits in the wild and of the network itself
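Two of the recommendations above (keeping unpatched devices off the Internet, and filtering inbound traffic with an ACL ahead of the firewall) are easy to turn into routine checks. The following is an added example written for this page, not code from NERC's report or from the affected utility: it audits a constructed device inventory for firmware older than a given fixed version on devices whose management address is outside the organization's internal ranges, and evaluates an inbound ACL with first-match semantics and an implicit deny. Every device name, address, version string and ACL rule is constructed sample data, and the "internal prefixes" list is an assumption standing in for a real organization's address plan.

```python
"""Added example (not from the NERC report or the original article).

Two defender-side checks matching the recommendations above:
  1. flag devices whose firmware is older than the version carrying the
     fix AND whose management interface is not on an internal network,
     i.e. devices that are both unpatched and directly reachable;
  2. evaluate an inbound access control list (ACL) with first-match
     semantics and an implicit deny, the way a pre-firewall filter works.

All names, addresses, versions and rules below are constructed sample data.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Assumed internal address plan (constructed); anything outside these
# prefixes is treated as directly reachable from the Internet.
INTERNAL_PREFIXES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def parse_version(text: str) -> tuple:
    """Turn a dotted version such as '9.4.2' into (9, 4, 2) so that
    versions compare numerically rather than as strings."""
    return tuple(int(part) for part in text.split("."))


@dataclass
class Device:
    name: str
    firmware: str
    management_ip: str  # address the management interface listens on


def is_internet_reachable(ip_text: str) -> bool:
    """True when the management address is outside every internal prefix."""
    addr = ipaddress.ip_address(ip_text)
    return not any(addr in prefix for prefix in INTERNAL_PREFIXES)


def vulnerable_exposed_devices(devices: List[Device], fixed_version: str) -> List[str]:
    """Names of devices running firmware older than fixed_version that are
    also reachable from outside; these are the ones to patch first."""
    fixed = parse_version(fixed_version)
    return [
        d.name
        for d in devices
        if parse_version(d.firmware) < fixed and is_internet_reachable(d.management_ip)
    ]


@dataclass
class AclRule:
    action: str              # "permit" or "deny"
    source: str              # CIDR prefix the packet's source must match
    dst_port: Optional[int]  # None means any destination port


def acl_decision(rules: List[AclRule], src_ip: str, dst_port: int) -> str:
    """First matching rule wins; traffic matching no rule is denied."""
    src = ipaddress.ip_address(src_ip)
    for rule in rules:
        src_matches = src in ipaddress.ip_network(rule.source)
        port_matches = rule.dst_port is None or rule.dst_port == dst_port
        if src_matches and port_matches:
            return rule.action
    return "deny"  # implicit deny at the end of the list


if __name__ == "__main__":
    # Constructed inventory: one exposed and unpatched, one exposed but
    # patched, one unpatched but only reachable internally.
    inventory = [
        Device("fw-1", "9.4.1", "203.0.113.7"),
        Device("fw-2", "9.4.3", "203.0.113.8"),
        Device("fw-3", "9.4.1", "10.1.2.3"),
    ]
    print("patch first:", vulnerable_exposed_devices(inventory, "9.4.2"))

    # Constructed inbound ACL: only one partner prefix may reach port 443.
    acl = [
        AclRule("permit", "192.0.2.0/24", 443),
        AclRule("deny", "0.0.0.0/0", None),
    ]
    print(acl_decision(acl, "192.0.2.10", 443))   # permit
    print(acl_decision(acl, "192.0.2.10", 22))    # deny
    print(acl_decision(acl, "198.51.100.1", 443)) # deny
```

The ACL evaluator deliberately ends with an implicit deny even when the rule list is empty, which is the behaviour you want from a filter placed in front of the firewall: an accidental gap in the list fails closed rather than open.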
Note: Denial of Service (DoS) and Distributed Denial of Service (DDoS) are slightly different things. Other sources are incorrectly reporting this as the latter, which involves a large number of devices attacking a single target at once, hence "Distributed". NERC refers to this attack as a regular DoS, though, so we identify it as that.