Efficiency and Smart Grids
Imagine this: Power plant operators across the country rely on the same software to monitor plant operations and its relationship to the grid. The software has helped them improve efficiency and reduce pollution. Occasional updates add new features and improve security. Threat actors obtained access to one of the updates before it was sent to users. They changed software code to give them backdoor access to plants across the country. When users updated their software, they unwittingly added a new vulnerability.
Which type of cyber attack does this describe?
The correct answer is B
- B Supply chain attack
Supply chain attacks exploit vulnerabilities that are deliberately injected into products, including software and applications, or smartphones. Even the software that runs smart grids is vulnerable. To fight supply chain attacks, developers use applications driven by artificial intelligence and machine learning to hunt for vulnerabilities throughout their code.
“Regular audits on third parties can help identify risk. It is important to conduct in-house audits so as to demonstrate to regulators that the organization understands the processes being used, is able to test them and is taking the third party data risk seriously.”
IEEE Senior Member