| 1. |
Rapid digitization combined with low levels of investment in cybersecurity and a weak regulatory regime suggest that the U.S. power system ___________, if not more vulnerable to a cyberattack as systems in other parts of the world. |
|
|
is not as vulnerable |
|
|
is as vulnerable |
| 2. |
Lloyds of London, an insurance underwriter, developed a plausible scenario for an attack on the ____________ one of the two major electrical grids in the continental United States which services roughly half the country. The hypothetical attack targeted power generators to cause a blackout covering fifteen states and the District of Columbia, leaving ninety three million people without power. |
|
|
Eastern interconnection |
|
|
Western Interconnection |
| 3. |
Many experts are now also concerned that smart grid technologies, which use the internet to connect to power meters and appliances, ____________ an attacker to take over thousands if not millions of unprotected devices, preventing power from being delivered to end users. |
|
|
Could allow |
|
|
Could not allow |
| 4. |
Regardless of which part of the power grid is targeted, attackers would need to conduct extensive research, gain initial access to utility business networks (likely through spearphishing), work to move through the business networks to gain access to control systems, and then identify targeted systems and develop the capability to disable them. Such sophisticated actions would require extensive planning by an organization able to recruit and coordinate a team that has a broad set of capabilities and is willing to devote many months, if not years, to the effort. |
|
|
True |
|
|
False |
| 5. |
Payments for ransomware malicious software that encrypts data and will not provide a code to unlock it unless a ransom ___________, by some estimates have topped $300 million. This funding could allow criminal groups to purchase more sophisticated capabilities to carry out the ultimate ransomware attack. |
|
|
Has been paid |
|
|
Has not been paid |
| 6. |
Discrediting Operations. Given the importance of electricity to the daily lives of Americans, an adversary may see advantage in disrupting service to undermine public support for a U.S. administration at a politically sensitive time. |
|
|
True |
|
|
False |
| 7. |
Distracting Operations. A state contemplating a diplomatic or military initiative likely to be op-posed by the United States could carry out a cyberattack against the U.S. power grid that __________ the attention of the U.S. government and disrupt or delay its response. |
|
|
Would distract |
|
|
Would not distract |
| 8. |
Pre-Attack Measures. Actions taken now could significantly mitigate the effects of a large-scale blackout caused by a cyberattack. Maintaining and exercising ____________ of the grid, planning and exercising recovery operations, and continually expanding distributed power could significantly shorten the duration of any blackout and reduce economic and societal damage. |
|
|
Manual operations |
|
|
AI controlled operations |
| 9. |
Post-Attack Measures. Following an attack, eliminating malware and regaining control of the power grid would likely be carried out by the owners and the operators of affected systems with support from private incident response teams. Specialized support from the Department of Homeland Security’s Industrial Control System Computer Emergency Response Team (ICS-CERT) and the DOE national labs would also be provided. The government’s main role would be attributing the attack and responding to it. The FBI would take lead responsibility for investigating the attack domestically and for conducting computer forensics. The intelligence community would look at its existing intelligence collection for indications of what might have been missed and would begin targeted collection efforts to trace the attack. Within weeks, the U.S. government would have confidence in its attribution. |
|
|
True |
|
|
False |
| 10. |
The deterrence policy should articulate how the administration would view an attack on the power grid and should outline possible response options. As a starting point, the administration should be clear that an action against the grid would be treated as an armed attack and signal that a _______________ in or out of cyberspace would likely be required. |
|
|
A military response |
|
|
A non-military response |
|
