Utility companies in Texas say more hackers are surveying their systems

hacker typing on keyboard

Our CEO, Michael D. Moore, appeared on NewsRadio 1080 KRLD to speak about the impact hackers are having on utility companies.

Listen to the full interview or read below.

Since Russia’s invasion of Ukraine started, utility companies in Texas say more hackers have been surveying their systems. They say hackers may be attempting to find vulnerable areas to launch an attack.

Utilities say hackers may be trying to shut down part of the state’s grid, shut down refineries so they cannot produce gasoline or shut down ports so oil and natural gas cannot be transported.

“There are state sponsored attackers, meaning Russia and China actually mean to do the U.S. harm, but there are also smaller organizations or companies that actually work in this area and try to do you or others harm and then there are individuals,” says Michael Moore, founder of M3 Networks in Southlake.

M3 Networks works in IT and provides services to small and mid-sized businesses. Moore started the company 19 years ago.

“You can go and buy a cyberattack very inexpensively to do destruction against companies and against people,” he says.

Moore says hackers will survey the computer systems of utilities and ports looking for a weak spot to enter.

“That’s a lot of what you’re seeing now is hackers going after the supply chain,” he says.

Last week, President Joe Biden said the Department of Homeland Security was working more closely with organizations working in critical infrastructure, calling this a “critical moment” to improve cybersecurity.

“From day one, my Administration has worked to strengthen our national cyber defenses, mandating extensive cybersecurity measures for the Federal Government and those critical infrastructure sectors where we have authority to do so, and creating innovative public-private partnerships and initiatives to enhance cybersecurity across all our critical infrastructure,” the president wrote in a statement. “Congress has partnered with us on these efforts — we appreciate that Members of Congress worked across the aisle to require companies to report cyber incidents to the United States Government.”

Biden also urged companies to report cyber incidents to the Department of Homeland Security. Moore, with M3 Networks, says those reports can help Homeland Security and businesses that work in cybersecurity adjust to different tactics hackers may be using.

“It’s very important to report these cyber attacks,” he says. “So many people don’t want to do anything about it because they feel embarrassed. It’s happening to thousands of companies every day.”

Moore says individual businesses can also protect themselves.

He urges businesses to use multi-factor authentication for every device where employees will log on and adopt password protection through a password manager.

Moore says individuals can protect themselves by avoiding public WiFi when possible and using “passphrases” instead of passwords.

“It’s just really, simply, a sentence that’s usually 30 characters or more. Instead of ‘dr3@m1234’, you might say, ‘i love to go to miami in the summer’,” he says. “That first password takes about a minute to crack for a hacker. That second one takes about 64,000 years.”

Moore says insurance companies that work with businesses are also becoming more strict in handling cyber security. He says policies may now consider a failure to regularly update security protocols “gross negligence.”

“It’s actually outlined in the policy,” he says. “It says that. ‘We assume you are doing everything you said you were going to do and always adding policies your employees comply with. You have them be retrained. If you don’t, when you go to use your cyber-liability insurance, they’re going to call it gross negligence because you were a participant in your own demise.”