MASSENA — New York Power Authority officials say they are taking steps to ensure they are protected against cyberattacks like those that occurred with Colonial Pipeline this year and SolarWinds in 2020.
SolarWinds, a major U.S. information technology firm, was the subject of a cyberattack that spread to its clients and went undetected for months. Foreign hackers were able to use the hack to spy on private companies and U.S. government, including the U.S. Department of Homeland Security and U.S. Treasury Department.
This year’s cyberattack on Colonial Pipeline forced the company to proactively close down operations and free information technology systems. The measure temporarily halted all pipeline operations. Colonial Pipeline is one of the largest pipeline operators in the United States, providing roughly 45% of the East Coast’s fuel.
“This remains a developing situation and the full details of what exactly transpired have not come out yet,” NYPA Chief Cybersecurity Officer Eric Meyers told trustees.
He said he expected more information would come out when Colonial Pipeline’s chief executive officer testifies before Congress this month.
“There has been no indication at this point of exactly how they got into Colonial, but I expect we’ll learn more as the investigation continues,” he said.
Trustee Michael Balboni called the attacks on SolarWinds and Colonial “two very dramatic infrastructure-focused attacks. So everyone is pretty concerned and watching if this is signaling a new acceleration of the trend.”
Mr. Meyers said they are remaining vigilant to ensure the same situation doesn’t happen with the authority. The authority has collaborated with partners across industry and government to gather and apply threat intelligence to ensure NYPA was protected. In addition, operational resilience and risk management of the authority’s plants and sites is being monitored daily.
“At this point, we’ve not observed any indication of similar compromise anywhere within the NYPA ecosystem,” he said.
He said the Department of Homeland Security had recently released technical data that the authority has applied, and they’ve seen nothing impacting their operations. The authority continues to partner with federal and interagency partners to understand the potential impact on the supply chain for both the authority and the region.
“So we continue to monitor the situation very closely,” Mr. Meyers said.
“We will report through our Cyber and Physical Security Committee of the board about our security posture and about any updates to this situation. But it’s clear that the bad actors are really targeting not only the national sector, but also the energy sector as well. We need to be vigilant 24/7, 365,” President and Chief Executive Officer Gil Quiniones said.