Alpha Six Actual

3 Alarming Threats To The U.S. Energy Grid – Cyber, Physical, And Existential Events


Protecting critical infrastructure, and especially the U.S. Energy Grid, is certainly a topic that keeps the U.S. Department of Homeland Security (DHS), the U.S. Department of Energy (DOE), the U.S. Department of Defense (DOD), and U.S. intelligence community planners up at night. The threats can come from cybersecurity attacks (by countries, criminal gangs, or hacktivists), from physical attacks by terrorists (domestic or foreign) and vandals on utilities or power plants, or from an electromagnetic pulse (EMP) generated by a geomagnetic solar flare or by a terrorist short-range missile exploded in the atmosphere.

The underlying reality is that from an energy frequency perspective, the aging U.S. Energy Grid infrastructure is extremely vulnerable to cyber-attacks, physical incidents, and existential threats.


What Is The US Energy Grid?


The U.S. Energy Grid is divided into three major regions: The Eastern Interconnection, which operates in states east of the Rocky Mountains, The Western Interconnection, which covers the Pacific Ocean to the Rocky Mountain states, and the Texas Interconnected system.

The U.S. Energy Grid serves as the backbone of energy infrastructure. Via the grid, electricity generated at power plants moves through a complex network of electricity substations, power lines, and distribution transformers before it reaches customers. In the United States, the power system consists of more than 7,300 power plants, nearly 160,000 miles of high-voltage power lines, and millions of low-voltage power lines and distribution transformers, which connect 145 million customers. (Source: U.S. Energy Information Administration, EIA.)


Why Modernization Of The Grid Is Urgent


Although in recent years the grid has been augmented with automation and some emerging tech, it is still mostly dependent on legacy technologies. In fact, 70 percent of transmission lines are at least 30 years old and approaching the end of their lifecycle, and 60 percent of the circuit breakers are more than 35 years old, compared to useful lives of 20 years. Aging grids drive $51B in annual utility distribution spending. The aging infrastructure and increasing demand for power have made the grid susceptible to “cascading failures,” where the failure of one component leads to a series of failures. This has been witnessed during periods of harsh weather. Modernizing the grid has become a high priority for Congress and industry. In fact, a 2022 Department of Energy Federal Notice of Intent states that “modernizing, hardening, and expanding the grid will enhance the resilience of our entire electric system, and ensure that electricity is available to customers when it is needed most. Aging infrastructure leaves the grid increasingly vulnerable to attacks.”


The strategy for modernization can be found in the recent White House “Building a Better Grid” Initiative, which plans to overhaul the country’s infrastructure in support of a nationwide transition to clean electricity by 2035. The initiative calls for the Department of Energy to invest over $20 billion in federal funding to expand the nation’s electrical grid and modernize its transmission capabilities through public and private partnerships. And last year, the DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) announced that it will fund up to 15 research projects “that will establish or strengthen existing research partnerships with energy sector utilities, vendors, universities, national laboratories, and service providers working toward resilient energy delivery systems.” DOE listed six proposed topic areas for the projects, including:

  • Automated Cyberattack Prevention and Mitigation

  • Security and Resiliency by Design

  • Authentication Mechanisms for Energy Delivery Systems

  • Automated Methods to Discover and Mitigate Vulnerabilities

  • Cybersecurity through Advanced Software Solutions

  • Integration of New Concepts and Technologies with Existing Infrastructure


1) Cyber-Threats To The Grid And Critical Infrastructure Abound

While modernization planning focuses on new energy-related technologies for distribution, resilience, storage, and capability, it is also focused on cybersecurity. Power companies use Supervisory Control and Data Acquisition (SCADA) networks to control their industrial systems, and many of these SCADA networks need to be updated and hardened to meet growing cybersecurity threats.


A successful ransomware attack in 2021 on the Colonial Pipeline provided a window into that vulnerability and the many attack points created by the cross-pollination of IT and SCADA networks. The attackers disrupted the supply of oil on the US East Coast and demonstrated the lack of a cybersecurity framework for both preparation and incident response.

The new reality is that most of the U.S. Energy Grid critical infrastructure components operate in a digital environment that is internet accessible. The integration of hardware and software, combined with a growing number of networked sensors, is redefining the attack surface available to hackers.


The gaps open to cyber-attackers have been recognized by government and industry. The General Accounting Office (GAO) has explicitly stated that the U.S. Energy Grid is vulnerable to cyber-attacks. The GAO notes that the grid distribution systems—which carry electricity from transmission systems to consumers—“have grown more vulnerable, in part because their operational technology increasingly allows remote access and connections to business networks. This could allow threat actors to access those systems and potentially disrupt operations.” The GAO also notes that “nations and criminal groups pose the most significant cyber threats to U.S. critical infrastructure, according to the Director of National Intelligence’s 2022 Annual Threat Assessment. These threat actors are increasingly capable of attacking the grid.”


An earlier GAO report notes that the U.S. electric grid faces “significant cybersecurity risks” because “threat actors are becoming increasingly capable of carrying out attacks on the grid.” Nations, criminal groups, and terrorists pose the most significant cyber threats to U.S. critical infrastructure, according to the report. At the same time, “the grid is becoming more vulnerable to cyberattacks” via:


  • Industrial Control Systems: The integration of cheaper and more widely available devices that use traditional networking protocols into industrial control systems has led to a larger cyberattack surface for the grid’s systems.

  • Consumer Internet of Things (IoT) devices connected to the grid’s distribution network: Malicious threat actors could compromise many high-wattage IoT devices (such as air conditioners and heaters) and turn them into a botnet. The malicious actors could then use the botnet to launch a coordinated attack aimed at manipulating the demand across distribution grids.

  • The Global Positioning System (GPS): The grid is dependent on GPS timing to monitor and control generation, transmission, and distribution functions. (Source: “Is the Electric Grid Ready to Respond to Increased Cyber Threats?”, Tripwire.)


The US government standards agency NIST is also prioritizing cybersecurity of the grid in its program, Cybersecurity for Smart Grid Systems: “Smart grid cybersecurity must address both inadvertent compromises of the electric infrastructure, due to user errors, equipment failures, and natural disasters, and deliberate attacks, such as from disgruntled employees, industrial espionage, and terrorists. NIST will address these challenges through research conducted in the NIST Smart Grid Testbed facility and leadership within the Smart Electric Power Alliance (SEPA) Cybersecurity Committee (SGCC) to evaluate of cybersecurity policies and measures in industry standards, and development of relevant guidance documents for the smart grid cybersecurity community.” (Source: “Cybersecurity for Smart Grid Systems”, NIST.)

The fact is that cyber-attacks are evolving in sophistication, enabled by artificial intelligence. Also, state actors, criminal gangs, and other attackers are homing in on energy critical infrastructure. Connectivity driven by the adoption of the industrial internet of things and operational technology has further expanded the attack surface, and energy infrastructure operators should implement “security by design” to counter cyber threats. Cybersecurity by design necessitates building agile systems with operational cyber-fusion to be able to monitor, recognize, and respond to emerging threats. The bottom line is that cybersecurity for the U.S. Energy Grid must be elevated.


The Electric Grid Cybersecurity Alliance


One group elevating preparedness is an organization called The Electric Grid Cybersecurity Alliance. It was formed to address the urgency of protecting energy critical infrastructure from cyber-attacks. The goal of the organization is to bring utility CEOs, CISOs, CIOs, and operational executives together in a trusted forum to confidently build an industry-wide cybersecurity game plan. The founder of the alliance, John Miri, is a 25-year tech and cybersecurity veteran who has spent the last decade in the electric utility industry. Miri says that the stated mission of the Alliance is to “unite utility leaders with one goal: to protect the world’s electric grids from cyberattack.”


Miri characterized to me the state of the industry in response to cybersecurity. He said that “in one group, you have utility executives, their regulators, and the elected officials who oversee the energy industry. They see cybersecurity as an emerging risk that is being methodically addressed. They know the grid is complex and they fear unintended consequences from abrupt changes. In the other group, you have the intelligence and homeland security communities … folks in the DHS, FBI, NSA, and their congressional oversight committees. That group has a very different view. They have been warning about this threat for decades and are frustrated. To them, cybersecurity is not emerging. It is here. And they don’t think the industry has done enough.” Miri said that he started the Electric Grid Cybersecurity Alliance to constructively bring these two communities together. This is good news, as both government and industry need to better collaborate in the energy sector and focus on cybersecurity.


2) Utilities Under Physical Attack


As if cyber-attacks were not enough of a security concern, physical attacks by domestic terrorists on the U.S. Energy Grid are an increasing threat. Based on data from DOE, physical attacks on the grid rose 77% in 2022. In 2022 there were several attacks by white supremacists on northwest power grid electrical substations in Oregon and Washington. Similar attacks happened at two energy substations in North Carolina, where residents lost power after gunshots. In January 2023, a bulletin from the Department of Homeland Security (DHS) warned that domestic violent extremists "have developed credible, specific plans to attack electricity infrastructure since at least 2020, identifying the electric grid as a particularly attractive target."

In February 2023, authorities arrested and charged two white supremacist suspects in connection with an alleged plot to attack and take down the power grid in Baltimore, Maryland.


The problem is that substations make easy soft targets, and there are more than 55,000 connected to the grid in the US. The threat is not only from white supremacists; eco-terrorists have also physically attacked plants in the past. Vandalism is also an issue. And global terrorists and nation-state adversaries could pose a threat to stations and substations. The cost to protect all these stations from physical threats is significant and requires strong law enforcement coordination.


The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the effective and efficient reduction of risks to the reliability and security of the grid. NERC reliability standards call for a risk-based approach in the implementation of physical security safeguards that include access control, key cards, alarms, and roving security. According to Chris Hurst, vice president of Value Engineering at OnSolve, emerging threats “suggest additional protections may be needed, such as additional perimeter setbacks (where possible), removing sight lines, additional roving security and monitoring, and hardening protective barriers.”

3) Existential Threats – Weather, Solar Storms, and EMP

The existential threat to the U.S. Energy Grid can come from a variety of angles. Both weather and solar storms are top factors for power outages in the United States (one other big factor is outages from squirrels hanging out on transformers and transmission lines!). Hurricanes, tornadoes, fires, floods, and other acts of nature can have a devastating impact on power plants, transformers, and transmission lines. Unfortunately, the US has had much practice in this area, and preparation and resilience are the key to recovery. DHS’s emergency response organization FEMA has been a leader in accomplishing this mission.


Solar storms are a different existential threat to address. Solar flares are made up of high-energy particles resulting from explosions on the Sun’s surface. A geomagnetic storm can be defined as a major disturbance of Earth's magnetosphere that occurs when there is an exchange of energy from the solar wind into the space ecosphere surrounding Earth.

Over the past 150 years, Earth has been struck by more than 100 solar storms. In 2008, the National Academy of Sciences estimated that the damage and disruption of the grid caused by a solar flare could cost up to $2 trillion in economic damages, with a full recovery time of four to 10 years.


“We have 18 critical infrastructures – food, water, medical care, telecommunications, investments, the works – and all 17 of the others depend heavily on the electric grid,” said former CIA Director, James Woolsey, before the Cybersecurity and EMP Legislative Working Group. Calling the electric grid “one of our greatest national vulnerabilities,” Woolsey added, “If you get up into months or years of the electric grid going down, you move us back not into the 1980s, pre-Web, but into the 1880s, pre-electric grid.”


An outcome of solar storms can be electromagnetic pulses (EMPs) that can destroy digital infrastructure, including vital financial, transportation, healthcare, telecommunications, and energy verticals. The EMP threat can also be delivered by missiles exploded in the atmosphere and by other delivery methods. An EMP is a pulse of energy that can be emitted by the blast of a nuclear weapon or by portable devices such as high-power microwave weapons (HPMWs). A 2018 military study by the Air Force titled “Electromagnetic Defense Task Force” warned that an EMP weapon attack such as those developed by adversaries could destroy our way of life and displace millions.


Testimony at the hearings from the late Dr. Peter Pry, a member of the Congressional EMP Commission and executive director of the Task Force on National and Homeland Security, put the threats in frightening perspective: “Natural EMP from a geomagnetic super storm, like the 1859 Carrington Event or 1921 Railroad Storm, and nuclear EMP attack from terrorists or rogue states, as practiced by North Korea during the nuclear crisis of 2013, are both existential threats that could kill 9 of 10 Americans through starvation, disease and societal collapse.” Dr. Pry also noted that “a natural EMP catastrophe or nuclear EMP event could black out the national electric grid for months or years and collapse all the other critical infrastructures — communications, transportation, banking and finance, food and water — necessary to sustain modern society and the lives of 310 million Americans.”


Conclusion


The underlying reality is that the US electric grid infrastructure is extremely vulnerable to physical, cyber, and force-of-nature incidents. Helping reduce the vulnerability and fortify the U.S. Energy Grid has become an urgent need, and the clock is ticking. There are many ways to help mitigate threats to the energy infrastructure from cyber, physical, and existential causes. Some of those include: shielding and hardening targets (grid protection by protecting against surges and voltage); decentralization and employment of off-grid or “distributed-grid” networks; phased voltage stabilization systems and resistors for redirecting and balancing energy; mandating enhanced security standards, training, and contingency planning; and establishing mechanisms for sharing information on vulnerabilities and threats. Systematic resiliency planning is also vital for restoring power for various contingencies. These technologies are available for protecting the grid; it comes down to investment and leadership to ameliorate vulnerabilities.


As the adage says, we are all in this together because the stakes are so high. Public/private collaboration is essential to preventing the next incident on the grid and a national catastrophe. Federal agencies should also be provided with specific mission jurisdictions for implementing risk management policy frameworks in coordination with regulators and the utilities themselves. Finding viable solutions will require co-investment, strong public/private sector partnering, and collaboration in research, development, and prototyping. That partnership must include an accelerated effort to fund and design new technologies to protect the utilities from natural or man-made electromagnetic surges; further protect hardware and software in control networks from cyberattack; and provide enhanced physical security.


Protecting the US energy infrastructure and being proactive against the three alarming threats to the US Energy Grid from cyber, physical, and existential events is a challenging endeavor but an imperative.


About The Author:


Chuck Brooks is a globally recognized thought leader and subject matter expert on Cybersecurity and Emerging Technologies. Chuck is also an Adjunct Faculty at Georgetown University’s Graduate Cybersecurity Risk Management Program, where he teaches courses on risk management, homeland security technologies, and cybersecurity. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn.” He was named “Cybersecurity Person of the Year for 2022” by The Cyber Express, one of the world’s “10 Best Cyber Security and Technology Experts” by Best Rated, a “Top 50 Global Influencer in Risk, Compliance” by Thomson Reuters, “Best of The World in Security” by CISO Platform, and the “#2 Global Cybersecurity Influencer” by IFSEC and Thinkers 360. He was featured in the 2020, 2021, and 2022 Onalytica "Who's Who in Cybersecurity." He was also named one of the Top 5 Executives to Follow on Cybersecurity by Executive Mosaic. He is also a Cybersecurity Expert for “The Network” at the Washington Post, Visiting Editor at Homeland Security Today, Expert for Executive Mosaic/GovCon, and a Contributor to FORBES. He has an MA in International Relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law.
