Grid Security And Cyber Defense Cannot Fall On Deaf Ears, Experts Warn

The following is press coverage on the NCGR’s new report, courtesy of Forbes.com.

If the electrical grid is knocked out for long periods, the damage to the American economy would be insurmountable. And the country’s enemies know that. That is why its brain trust is dedicated to insulating the transmission network from both physical and cyber-attacks. 

The National Commission for Grid Resilience just laid out its blueprint to prepare the country for 21st Century combat — including the kind from afar and from behind a keyboard. Power companies are on guard and they are developing robust systems that can continue to generate and deliver power if attacked. Most, if not, all are participating in exercises that simulate mock assaults. The aim is to be proactive — to anticipate what moves the enemy might make. But it is a never ending battle with each side is always trying to one-up the other. 

“The idea that the Russians would use cyber attacks on the grid did not exist” in the 20th Century, says Darrel Issa, a former congressman and now a co-chair on this grid commission. “We later found that Osama bin Laden wanted to take down grids.” Issa, who spoke last week an event hosted by the Center for Strategic & International Studies, said that the focus has been on hurricanes and earthquakes. But in recent times, the experts have learned that more insidious events such as cyber attacks and invisible viruses can wreak havoc. 

The commission, dedicated to securing the grid, is comprised of General Wesley Clark, Norm Augustine, Dan Poneman, Kevin Knobloch, Adam Cohen and Rep. Issa. Among their recommendations are to ensure that the threats are widely understood by the utilities that must allocate scarce resources to these causes — ones that have a low probability of occurring but also ones that have a high consequence if they do occur. 

To that end, innovations need to be rapidly advanced and they need to be paid for by using public-private resources. The need is simply too great to depend on private investors who think short term and who are concerned about quarterly returns. Utilities should be able to recoup their outlays associated with resilience, the commission says, just as they do for all other capital expenses. The grid is a national asset. But with 500 separate grid owners, it is too hard to coordinate. As such, Congress needs to get involved and there must be a central repository upon which utilities, grid operators and safety experts can share information. 

 

Team Effort:

“The grid has evolved over many years — not from a clean sheet of paper,” says Commissioner Augustine. “There are a number of vulnerabilities. And most of the grid is owned and operated by the private sector. So the government has an important role to play by providing incentives to defend against those threats.”

The financial value stretches from preserving human life to maintaining the integrity of critical infrastructure. Consider that complex interdependency of utility systems: A loss of power can also take out the drinking water system, the wastewater facility and the communications infrastructure. For those reasons, the use of distributed assets such as onsite power generation with microgrids can provide protections.

The “bulk” electric grid is a fat target for two reasons. First, it’s a critical economic asset. A single brownout can cost as much as $10 billion, which comes in the form of direct losses as well as lost opportunities, estimates the Federal Regulatory Commission. Second, the grid is vast: Altogether, there are about 5,800 major power plants and 450,000 high-voltage transmission lines in the United States.

And because the system is now connected to the outside world through the Internet, it has become subject to evermore attacks.

Weather events are one matter. But cyber and physical assaults are another. Federal law enforcement has identified ways in which bad actors can plant malware and go on “phishing” expeditions to gain access to remote transmission networks. And it started around 2016 and it drew a lot of suspicions when the Kansas-based Wolf Creek Nuclear Operating Corp. got hacked in 2018. Russia is said to be behind the assault — a move similar to what it also, allegedly, did in 2015 to Ukraine’s network, which caused a lot more damage.

In one 48 month period, for example, 1,131 actual attacks occurred, with 159 of those successful, reports the Energy Department’s Joint Cybersecurity Coordination Center. Because electricity is “wheeled” across the country, any assault could reverberate. Altogether, the electrical transmission network serves more than 300 million people and it is comprised of 200,000 miles of wires

Consider PG&E Corp., which operates in the heart of Silicon Valley — home to America’s high tech sector: Masked gunmen burst into a substation and started firing automatic weapons that destroyed 17 transformers six years ago. PG&E is fighting back by bridging its information technology department with its operations unit, meaning that those who are responsible for securing the company are communicating closely with those who keep the lights on. 

 

High Priority:

The questions before U.S. lawmakers are over how to pay for these protective measure and whether the potential steps should be voluntary or mandatory.

Power companies, which prefer a voluntary approach, are already supposed to certify with the Federal Energy Regulatory Commission that they have developed robust systems that can continue to generate and deliver power if attacked. To comply, they are describing their potential risks based on historical accounts. More than 200 utilities and several government agencies have participated in emergency drills to simulate prolonged blackouts from both physical and cyber-attacks.

Duke Energy DUK -1.1% and Xcel Energy XEL -0.3%, which have been frequent targets of hackers, are allocating billions toward grid modernization. Grid operations are being protected, for example, by frequent password changes as well as by periodic patches to firewalls and upgrades. But it’s a constant chess match. Setting priorities by identifying high-value assets and then restricting access is a good start, all while ensuring employees are well-trained and well-vetted.

“A priority for the next administration should be for the United States to build a more secure and resilient power grid,” says General Clark. “To keep our nation powered and our electric companies informed, we must overcome the lag in communication between the intelligence community and power companies.”

History has shown that utilities know how to defend against natural catastrophes. But it is an open question on whether they can protect against more nefarious actions. To give the country a fighting chance, the National Commission for Grid Resilience has outlined its defense that will be presented to the next administration — something that the commissioners caution cannot fall on deaf ears.

Article by Forbes.com’s Ken Silverstein.

 

In Other News…

Big Astronomy Planetarium Show Premiers September 26

Big Astronomy planetarium show premiers September 26 Turn your phone into a planetarium with innovative and immersive 360° streaming San Francisco – The Big Astronomy worldwide premiere is coming soon to a smart phone or connected device near you! On September 26 at...

ALMA Discovers Misaligned Rings in Planet-Forming Disk Around Triple Stars

Using the Atacama Large Millimeter/submillimeter Array (ALMA), two teams of astronomers have for the first time discovered a planet-forming disk with misaligned rings around a triple star system, called GW Orionis. The astronomers give two possible scenarios for the...

Why North Carolina Outsourced Election Cybersecurity to a ‘CISO-as-a-Service’

The following is press coverage on Woodstar Labs' involvement with North Carolina's election security, courtesy of statescoop.com. Faced with mounting cybersecurity needs headed toward the presidential election, but lacking the financial resources to build out a more...

A Cyber-Risk We’re Not Prepared For: What if the Power Grid Collapsed and America Went Dark?

The following is press coverage on the NCGR's new report, courtesy of washingtonpost.com. EVERY CATASTROPHE comes as a shock, but many shouldn’t come as a surprise. Just as we knew a pandemic was a possibility yet failed to plan for it, power-grid collapse is a threat...

Grid Security And Cyber Defense Cannot Fall On Deaf Ears, Experts Warn

The following is press coverage on the NCGR's new report, courtesy of Forbes.com. If the electrical grid is knocked out for long periods, the damage to the American economy would be insurmountable. And the country’s enemies know that. That is why its brain trust is...

Coverage on National Commision on Grid Resilience’s (NCGR) Latest Report

The following is press coverage on the NCGR's new report, courtesy of UtilityDive.com.   Dive Brief: A new report from the National Commission on Grid Resilience (NCGR) calls for declassifying and giving utilities greater access to information about threats...

Woodstar Labs Welcomes New Wave of Cyber Analysts

Woodstar Labs, a subsidiary of AUI focused on cutting-edge-cybersecurity solutions, microelectronics, eLearning, and STEM education welcomes a new cohort of Cyber Analysts. Woodstar labs is excited to work with this talented group of young professionals as we continue...

AUI Statement on Racial Equity

As the nation continues to mourn and respond to the unjust death of George Floyd, there is no doubt that violent race-related incidents and the subsequent protests and clashes are the most urgent need for us as a society to address. Further, to address them, we must...

2020 AUI Scholarship Winners

Below are the winners of the 2020 AUI Scholarship conducted by International Scholarship and Tuition Services, Inc. These students will each receive an award of $3,500 per year to aid in defraying expenses at the college or university of their choice. Lexington Miller...

Big Astronomy Wins Big

Big Astronomy wins “Best Astronomy Education” Award in the Dome Under Fulldome Film Festival. Melbourne: The Dome Under Fulldome Film Festival hosted its first planetarium film fest in Melbourne, Australia, on February 8 – 9. Big Astronomy: People Places Discoveries,...

You are now leaving AUI

You will be redirected to the related partnering organization's website.

You will be redirected to
in 4 seconds...

Click the link above to continue or CANCEL