Utility officials wary of cyberattacks but say lengthy widespread outage is ‘implausible’
What is in this article?
Utility officials wary of cyberattacks but say lengthy widespread outage is ‘implausible’
With this in mind, the U.S. Department of Energy has announced a $23 million research program to help find solutions that can detect efforts to attack the grid and accelerate appropriate responses to them, according to Patricia Hoffman, assistant secretary for the Office of Electricity Delivery and Energy Reliability at the Department of Energy (DOE).
“We’re looking to partner with industry on some ideas that could be game changers for the industry in developing advanced capabilities and capabilities to mitigate and respond to cyber events,” Hoffman said. “Where we’re at is really trying to dive down into abnormal behavior and then get into some proactive stances for the industry in solving problems.
“But this is all part of a larger effort, where we’re looking at grid monitorization in general. There are multiple risks to the electric grid—whether it’s climate, whether it’s cyber, whether it’s weather or physical security—and we do need to modernize our grid at large.”
In its efforts to make the power grid as reliable as possible, the utility industry faces many of the same issues as other enterprises in terms of trying to balance the importance of security against enhancing functionality, access and ease of use by employees and contractors.
“Remote access is a part of the business in power operations,” Cauley said. “If you can imagine a vast grid, and we have contractors and vendors who help support the testing and maintenance, and we have workers all over the place who want to tap into portions and do their work, maintenance and testing.
“It is also a path for risk and exposure, so I think the [NERC] commission is correct in being concerned about that. All utilities have a good set of controls and procedures about who has access to these remote points and reviewing, in terms of contractor access and so on. So, the dialogue we’re having with the commission around the standard is how limiting and how tightly the controls need to be around that remote access.
“The disadvantage of tightening further is that it makes it harder to get the work done, make it more expensive and a cost factor, but it limits how effectively you can take advantage of the technologies that are available. So, it’s one of those tradeoff things of access and security versus cost, expedience and efficiency and being able to maintain the equipment and take care of it and make sure that the system is reliable.”
The best thing a utility can
The best thing a utility can do is to have no path between critical systems and the internet–no amount of firewalls work better than that! Government bureaucracy created to fight this issue–compounds it!
An internet cyber attack
An internet cyber attack possibility may well be controlled, but have you considered the massive physical damage to equipment at the ends of transmission lines which can be caused by an EMP attack? Perhaps we are too comfortable living in our own delusions. Several weeks/months without power will cause massive disease and lack of food. Consider for the missile tests of North Korea, China, & Iran. They are already placing satellites into orbits over the U.S.A. which can produce overhead EMP explosions and destroy our national electrical grid. Individual private power companies don’t want to spend the money to harden their equipment against EMP attacks. The Federal Govt. must lead the way.
As a person who has worked
As a person who has worked his whole career in the power industry, I would think that the thing that would be really damaged by EMP, more than the grid equipment, would be all of the relaying and communications electronics that control it. A few watts in the wrong place could decimate those things.