Get PJ Media on your Apple

Power Industry Seeks Ways to Protect Nation from Major Disaster

Goal is to avoid repeat of devastating 2003 blackout that affected much of the northeast.

by
Rodrigo Sermeño

Bio

August 27, 2013 - 11:29 pm
Page 1 of 2  Next ->   View as Single Page

WASHINGTON — Government and power industry leaders want to improve the country’s weak defenses against a potentially catastrophic cyber-attack on the electric grid, but disagreements persist over the best approach to ensure collaboration between the public sector and the private sector.

What makes the electric grid an attractive target for cyber-attacks is its multiplier effect — an attack on one region or supplier can quickly ripple to others. Its vast infrastructure — from generation plants to substations — is spread over highly interdependent installations that are miles apart.

In addition, the grid makes an appealing target because of its exceptional vulnerability, which stems, in part, from its broad reach.

As past major outages have shown, a line outage or system failure in one area can lead to cascading effects in other areas. In 2003, a blackout across the Northeast, sparked by an overgrown tree near Cleveland, crippled commerce and transportation in the U.S. by cutting off power to 50 million people and causing up to $10 billion of damage to the economy.

As technology has advanced, utilities have begun taking steps to update the electric grid by integrating new technologies, such as automated systems, and information technology networks that connect grid operations and control systems to other computer networks and to the Internet.

Years ago, power companies saw that managing grid operations via the Internet would help them cut costs and increase efficiency, so they moved towards online systems that could be accessed remotely.

“Now we can remotely manage devices via the Internet,” says Mark Weatherford, a leading former Department of Homeland Security cybersecurity official. “So instead of putting someone in a truck and having them drive a hundred miles to a substation in the middle of the mountains somewhere, you remotely manage that.”

Weatherford, now a principal at the Chertoff Group, was among several power executives and cybersecurity experts who gathered recently at an event on grid security hosted by the Bipartisan Policy Center in Washington.

Although the changes have allowed the gradual modernization of the system, the increased interconnectivity has made the grid more vulnerable to attacks from computer hackers.

“To no one’s fault at the time — we didn’t realize it. [We] didn’t think about the security and the insecurity” of Internet connections, Weatherford said.

Security experts are aware of the problem, and they are moving quickly to solve what they see as a rapidly evolving threat to the networks of power utilities. But the increasing complexity of computer systems poses new challenges for personnel who do not have a cybersecurity background.

“How do we teach power engineers and operators what they need to know about cyber and in particular about cybersecurity?” asked Michael Assante, one of the nation’s top experts on cybersecurity. “These are tough questions. If you go to engineering school, you’re not taught about cybersecurity as part of becoming a power engineer.”

Some industry leaders argue that if power utilities want to counter the growing threat of cyber-attacks, they must use the same resources that they use to combat natural disasters.

“We have to treat the cyberthreat with the same respect that we give to forces of nature that impact our grid,” notes Chris Peters, the vice president for critical infrastructure protection at Entergy, one of the country’s largest operators of nuclear power plants. “We have to put the same comprehensive approach and the same attention to cyberthreats as we do to the other threats that impact our system.”

Former CIA and NSA director Michael Hayden warned that Edward Snowden’s actions have created a stir among those who are committed to transparency and Internet freedom, which could result in a retaliatory attack if Snowden is captured by the U.S. government.

“If, and when, our government grabs Edward Snowden and brings him back here to the United States for trial, what does this group do?” asked Hayden rhetorically about hacker groups such as Anonymous. “They may not go after the U.S. government because frankly, the dot mil stuff is one of the hardest targets in the United States. If they can’t go after dot mil, who are they going after? Who, for them, are the [digital] World Trade Centers?”

Comments are closed.

All Comments   (11)
All Comments   (11)
Sort: Newest Oldest Top Rated
my best friend's half-sister makes $88 hourly on the laptop. She has been unemployed for nine months but last month her check was $14495 just working on the laptop for a few hours. helpful resources >>>>http://www.wep6.com
Go to website and click Home tab for more details.
❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤

32 weeks ago
32 weeks ago Link To Comment
"Many of the power executives at the conference said it would be hard to make the business case for enhanced cybersecurity measures. Because of the low probability of occurring, it would be tough for power companies to justify any rate increases to finance cybersecurity measures, especially for a threat that consumers have not actually experienced yet."

That's very true. Unarguably true.

For a publicly traded company, of course. Back in the days of real businessmen, this would have been a no-brainer.
32 weeks ago
32 weeks ago Link To Comment
It is possible that, as we migrate to more and more of a digital instrument environment, that the overall grid may become more vulnerable to either remote hostile attacks or to the "sky is falling" scenario related to solar flares. But the fact is, the majority of the grid and its equipment was installed well before digital, and most relaying out there is electo-mechanical and not subject to hacking.

The truth is that the "grid" is no such thing. Electircal distribution, with few exceptions, is highly localized. What happened in 2003 initiated locally in Ohio and got bigger only because the rest of the systems that were sharing high voltage transmission didn't have isolation logic set up to isolate themselves from the effects of the Ohio generator power reject event.

If you want to have a power system that doesn't look like it belongs in a third world tinpot hell hole, then get the wreckers out of the public conversation, get some new HV transmission on line and let the engineers figure out how to protect their local system from companies that don't do their line and protective relaying maintenance properly.

The luddites and the nimbys fight new HV transmission lines every time they come up and they win. As few of them as there are, these creatures have successfully told the rest of you to go perform anatomically impossible and indecent acts upon yourself. If there is no other method of getting your power to you, when your one lonely line goes out, for any reason, your lights go out.

32 weeks ago
32 weeks ago Link To Comment
Threat should include EMP from massive ejections from the sun as happened in the 1840s once, and also an Electro-Magnetic Pulse from a high altitude nuke over Kansas or similar location. The nuke could come from the usual suspects and could even be launched from a cargo ship offshore.

Past testing shows that an EMP will cause a lot of damage in non-energized lines and worse in energized lines. The latter will have insulators ruined and hangers melted. The line drops on the ground like spaghetti. The major regional switch apparatuses will be severely damaged and could take a year to get a replacement from Sweden. The big demand will be for big equipment replacements and lots of bodies available to splice and re-hang wires. The latter would take prepositioned hardware such as hangers and splicing, plus instructional paper materials for available enthusiasts, and some kind of social organization around linemen, civilian and ex-military, like the Ground Observer Corps of the past, or Civil Defense Auxiliary. They could have summer picnics to demonstrate climbing and splicing to amateurs, alternative methods to use when there is no bucket truck, etc. The regional switch equipment needs EMP shielding. It might be useful to survey steam locomotive assets in museums etc. in case immediate call-up of pre-electric rail capability is needed.
32 weeks ago
32 weeks ago Link To Comment
"Power Industry Seeks Ways to Protect Nation from Major Disaster

Goal is to avoid repeat of devastating 2003 blackout that affected much of the northeast."

The Left aint gonna put up with that nonsense, you can't buy or extort votes like that.
32 weeks ago
32 weeks ago Link To Comment
Cyber attacks are a threat, but the damage they can cause is nothing compared to either a Coronal Mass Ejection solar event (Carrington class) or even a small exoatmospheric nuclear EMP attack. Cyber attacks are unlikely to cause widespread lasting damage, while these other events would take large sections of the power grid down for 6 months to two years - which would be catastrophic and very deadly.

I'd feel a lot better if someone spent the $20 bn or so needed to protect against these events. In a year or two, North Korea will have the capability to, in a spasm of insanity, launch a nuclear-weapon containing satellite over the South Pole and kill 10s of millions of Americans.
32 weeks ago
32 weeks ago Link To Comment
“To no one’s fault at the time — we didn’t realize it. [We] didn’t think about the security and the insecurity” of Internet connections, Weatherford said.

How is this even possible? Richard Clarke, former counter-terrorism czar under Clinton, documented the problem some years ago in "Cyber War", where he also discussed the government test run some years earlier in which a power generator's control system was cyber-attacked. That every expensive generator was, by the end of the test, left a smoking mess. (The video is even on YouTube!)

There's yet another problem that has yet to be addressed: vulnerability to massive electronic pulse. While such an EMP can be made-caused, a serious solar storm could prove devastating enough. Is preparing for such an eventuality also too big a hit on the "bottom line" to be dealt with?

As Clarke also noted, the major components of our electric infrastructure aren't sitting in a warehouse as "spare parts", but are custom-made to order. Unlike repairing downed power lines or a blown transformer at a sub-station, a major hit could take months to repair.
32 weeks ago
32 weeks ago Link To Comment
There is no need for a power engineer to be an expert in cybersecurity. I'd also be wary of efforts by politicians and rent seeking weasels to add fees to our electric bills. Instead, I'd look at other industries and see if there is an off-the-shelf solution to securing power company networks. I suspect that simply applying good cybersecurity practices from banking would be more than adequate. In addition, while people think security breaches primarily come from hackers, I'd be more worried about security breaches from employees on the inside. I bet the NSA had deployed some great security measures in their networks, only to have those measures defeated by a low-level contract employee.
32 weeks ago
32 weeks ago Link To Comment
Cyber attackers and virus trolls should be sent to cub FED for 20 years along with the trolls who scam $26 billion a year from hard working folks, the only way to stop them is punishment
32 weeks ago
32 weeks ago Link To Comment
Chemically blinding them and cutting their hands off. Then leave them in the middle of the jungle to fend for themselves. Fair is fair.
32 weeks ago
32 weeks ago Link To Comment
Don't have much use for the Constitution, do you?

Or at least not that inconvenient part about "cruel and unusual punishment".
32 weeks ago
32 weeks ago Link To Comment
View All