
Could a Cyberattack Take Down the Power Grid?

Oct. 13, 2016
Depending on who you ask, the risk to the U.S. electrical grid is either not a big deal, disastrous, or somewhere in between.

It happened in Pakistan in January 2015. It happened in Ukraine less than a year later. It could happen in the U.S., too, and it could be catastrophic.

The prospect of a prolonged power outage that could shut down major metropolitan areas, even the entire East or West coasts, continues to raise alarms. It has fueled numerous reports, news articles, and meetings.

Former TV news reporter Ted Koppel was so concerned about what he perceived to be the lack of attention to the topic that he wrote a book about it called Lights Out.

The Department of Homeland Security reports that the energy sector is the target of more than 40% of all reported cyberattacks. The increasing autonomy of the computer systems that regulate how electricity flows through the grid poses a particular security threat, according to a recent report by security technologist Bruce Schneier on Motherboard.com.

“It means that the effects of attacks can take effect immediately, automatically, and ubiquitously,” writes Schneier, who is also CTO of IBM’s Resilient Systems, Inc. 

“The more we remove humans from the loop, (the) faster attacks can do their damage and the more we lose our ability to rely on actual smarts to notice something is wrong before it's too late.”

But is the U.S. as unprepared as Koppel, Schneier, and others fear? The IoT risk to the power grid will be one topic of discussion at the Internet of Things Institute’s upcoming IoT Emerge conference, November 2 - 4 in Chicago.

Panelists in another recent discussion on the cyberthreat to the grid disagreed with the widespread catastrophic thinking about it.

“A nationwide blackout from a cyberattack is implausible,” said Caitlin Durkovich, assistant secretary for infrastructure protection at the Department of Homeland Security.

While vulnerabilities exist, the utility industry has been working with local, state and federal government bodies for several years on prevention, detection, and recovery plans for a power grid cyberattack, Durkovich told listeners during the discussion, which was hosted by The Energy Times.

Utility companies deal with penetration attempts every day, said Gerry Cauley, CEO of the North American Electricity Reliability Corporation (NERC), an organization of U.S. electrical grid operators.

NERC’s third grid attack simulation in November 2015 included participants from electric utilities; regional and federal law enforcement, first response and intelligence agencies; information sharing and analysis centers and other utilities; and supply chain stakeholder organizations. NERC is planning its fourth grid attack simulation for November 2017.

In the event of an actual cyberattack on the grid, the National Cybersecurity and Communications Integration Center in Arlington, VA would be the government’s control center.

NERC has a representative at the center every day, according to a report by The Hill. In the event of a cyberattack that disabled large areas of the power grid, the person from NERC would be the liaison between the Department of Homeland Security and the electric industry. Working together will be key, according to Cauley.

“This is not anyone’s problem to address or be prepared for, but it is a unity of effort across different agencies at the federal government as well as a state role in terms of a crisis to be able to make sure that the public is safe,” he said.

Industry and government are focusing on real-time automated anomaly detection of cyber threats, according to Edna Conway, chief security officer of the global value chain for Cisco Systems, Inc.

“We’re seeing some of that in the age of the Internet of Things and Big Data calculations that allow an operational-level view (in) real time and awareness to things that may not yet mean a security breach but are anomalous and need further investigation.”