Utility officials wary of cyberattacks but say lengthy widespread outage is ‘implausible’
What is in this article?
Utility officials wary of cyberattacks but say lengthy widespread outage is ‘implausible’
Gerry Cauley, president and CEO of the North American Electric Reliability Corp. (NERC), agreed but acknowledged that cyber threats against the U.S. power grid are very real.
“It is extremely unlikely, but I do think that it is prudent for us to be concerned,” Cauley said. “I think it is prudent for us to think in terms of worst-case [scenarios], and that’s why we do take such extreme measures in terms of playbook planning, coordination among agencies and [grid exercises of attack scenarios] to make sure that we understand our roles and responsibilities and what a large-scale crisis looks like.
“So, we do remain concerned about it, but it is extremely unlikely.”
Kevin Wailes, CEO of Lincoln Electric System in Nebraska, echoed this sentiment and said that the utility industry is known for taking steps to recover quickly from incidents that result . As an example, Wailes noted that the power grid was able to withstand a 2013 sniper attack on a Metcalf Transmission substation in California.
“I think it’s important to note that—in the Metcalf instance, as an example—there was no interruption of load associated with that incident, even though it was a major substation,” Wailes said. “The redundancy that is in the system—both with respect to the transmission-and-distribution structure, but also with respect to generation and reserves—is significant.
“Although it is extraordinarily important that we evaluate and prepare to respond to those worst-case scenarios, what the industry does on a routine basis—and we’ve been doing it for years, whether it is an ice storm or a hurricane—we basically respond to and address outage types of events. [We] probably practice it more than virtually any other industry.”
During the webinar, speakers acknowledged that there is no “silver bullet” solution to the cyber threat on utilities, but they noted that government and industry officials continue to develop and enhance a multi-layered program designed to reduce the likelihood of a successful cyberattack and enable a quick response the limits any damage.
“You’ve heard all of my esteemed colleagues on this panel talk about the reality of a multilayered approach, because they need to protect, detect and mitigate—not just one or the other,” said Edna Conway, Cisco Systems’ chief security officer for the global value chain. “To me, the innovation lies in the early real-time detection, so that the mitigation can in fact be implemented on a risk-based approach.
“Realistically, you can’t affect everything. But, if you get real-time automated anomaly detection—and we’re seeing some of that in the Internet of Things and Big Data calculations—that allow an operational-level view real time and awareness to things that may not yet be a security breach but are anomalous and need further investigation.”
The best thing a utility can
The best thing a utility can do is to have no path between critical systems and the internet–no amount of firewalls work better than that! Government bureaucracy created to fight this issue–compounds it!
An internet cyber attack
An internet cyber attack possibility may well be controlled, but have you considered the massive physical damage to equipment at the ends of transmission lines which can be caused by an EMP attack? Perhaps we are too comfortable living in our own delusions. Several weeks/months without power will cause massive disease and lack of food. Consider for the missile tests of North Korea, China, & Iran. They are already placing satellites into orbits over the U.S.A. which can produce overhead EMP explosions and destroy our national electrical grid. Individual private power companies don’t want to spend the money to harden their equipment against EMP attacks. The Federal Govt. must lead the way.
As a person who has worked
As a person who has worked his whole career in the power industry, I would think that the thing that would be really damaged by EMP, more than the grid equipment, would be all of the relaying and communications electronics that control it. A few watts in the wrong place could decimate those things.