Editorial Note: DW is as independent as CNN or Fox News in terms of their submission to imperial interest but besides that, this piece is worth reading.
Nicolás Maduro accuses the US of being behind the electric blackout through a cyber attack on a hydroelectric power station. DW asked four experts the same question: would something like that be possible?
On Thursday, March 7, 2019, the darkness was made in Venezuela. At five minutes to six o’clock in the afternoon, local time, a fault in the El Guri hydroelectric plant sowed distress. (DW wrote chaos) from which the country has not yet fully recovered. The blackout has claimed lives and has taken already critical situations to the limit.
A “cybernetic and electromagnetic attack”, according to the Venezuelan President (DW wrote leader), Nicolás Maduro. The consequence of years of neglect – through corruption – of the country’s infrastructure, according to the opposition, led by the president of the National Assembly, Juan Guaidó. For now, in much of the country the light has returned, but uncertainties still remain. The war of narratives keeps the country in the most opaque gloom.
“We do not have technical information about what happened, so we can not know what happened. To answer, we would need technical data.” The speaker is Oleh Derevianko, founder of the Ukrainian cybersecurity firm ISSP, Ukraine has briefly returned to the news today. Due to the similarities of the Caribbean episode with what happened on December 23, 2015 at a power plant in that country, considered the first successful cyber attack of this type. Fingers pointed then to Russia.
Derevianko explains to DW from Kiev that most people have a misconception of how, theoretically, a cyberattack works on a power plant. “You do not need to be connected to the internet,” he emphasizes. “Of course you need a connection to the network, but industrial systems do not necessarily have to be connected, it’s enough that offices or management systems belong to the same network, he said. “Of course you need a network connection but industrial systems do not have to be necessary connected, you only need the offices and the management systems to be connected”.
Jeff Middleton, director of the technology company TheVault, specializing in data protection agreesthe same. “It may be safer not to be connected to the Internet, but it certainly does not make you immune,” he says in an interview with DW from Hong Kong.
Of course, whatever the origin of the hypothetical cybernetic aggression is, “normally it is done with the help, voluntary or not, of someone who already works there.” He is talking about inside jobs: “People think that all these cyber attacks have place because someone breaks a firewall or does something technically significant, but in reality it usually happens that what they do is bribe an employee and get him to do something, either deliver a password, connect a USB to the system, etc.” It does not have to be even an at will desicion, he adds, because they can blackmail or even cheat the employee, “but knowing the enemies that Venezuela has, I imagine there will be plenty of volunteers.”
Is it possible then that Maduro is right? Selena Larson, analyst of intelligence of Dragos, recognizes that “there have been similar cases”, but remember that technical details of any kind have not yet been published. “No evidence has been shown to support the cyberattack hypothesis,” she told DW from San Francisco, adding that alternatives that reasonably explain what happened, specifically the vegetation fire that affected several Guri lines and the general consideration of a poor investment in infrastructure that has been dragging down the operation of the country’s electricity system for a long time, have been presented. The blackouts, in fact, are nothing new in Venezuela, but they had never acquired this caliber.
RELATED CONTENT: Venezuelan Expert Lecture Guaido for Talking About What he Does Not Know
Middleton does not rule out this possibility: “I suspect that Venezuela is suffering from some kind of cyber attack.” That does not mean, she adds, that the precarious situation of the electricity production and supply systems has nothing to do with it. In her opinion “the answer should be a combination of both”.
Who, and why?
The question, in that hypothetical case, is who could have carried out such an attack. The Venezuelan regime has pointed to Washington. For Derevianko, a plan like this can perfectly be carried out by an independent hacker, it is not necessary that there is a State behind. “The question is that there should be a motivation: why would a hacker spend so much time doing it? If there is no financial gain, the logical thing is that someone has asked for it.” The Ukrainian insists, however, on waiting for technical date. Until then there is only conjecture.
The French Loic Guézo, cybersecurity expert of the company TrendMicro, also believes that the possibility of the attack is there, but that “there is no evidence”. Also, remember that “the production system is old and probably Venezuela had no business continuity plans.” It even puts on the table the alternative of a “manual action”: a subtle maneuver of an expert hand “and everything is unbalanced, creating a systemic problem in which it is very difficult to know where the fault lies.
A cyber attack, a nearby fire, a failure in a deteriorated system, an artisan sabotage. Time will tell what the cause was of covering Venezuela with a mantle of darkness. Whatever it , Middleton points out that what happened shows a misconception of everything that revolves around security in an increasingly digital world: “We do not realize that cybersecurity has more to do with people than with computers and networks, if you have many enemies, you will have to work harder to protect yourself from cyber attacks. “Has Venezuela done the homework about it? He puts it into question: “I doubt they will be able to do much to protect themselves. ”
Translated by JRE/EF%