An analysis of federal energy records has revealed that parts of the US power grid are attacked online or in person every few days. This threat is now also looming over major cities outside the US such as London.
After analysing federal data and surveying more than 50 electric utilities, USA Today described the power grid as vulnerable to a major outage that could affect millions. Although a cyberattack has not yet caused a major loss of power, the mechanisms guarding the grid undergo small hacks multiple times a week. The Department of Homeland Security was alerted to 151 energy-related “cyber incidents” in 2013, up from 111 in 2012.
But, since 2013, the attacks have escalated hugely with probes now continuously taking place, according to the Edison Electric Institute.
The massive power outage that occurred across the US NorthEast in 2003 is evidence that national power grids in even the most developed countries are vulnerable to cyber attacks. While no one at the time thought of attributing the widespread outage to a cyber attack, investigations revealed that the outage was originally caused by a software bug in the alarm system at a control room of the FirstEnergy Corporation, located in Ohio.
The failed alarm left operators unaware of the need to re-distribute power after overloaded transmission lines hit some trees. This triggered a race condition in the control software and the local blackout cascaded into a widespread power outage.
There are now growing fears on both sides of the Atlantic that terrorist groups or hostile governments might be behind the repeated attempts to hack into the power grids’ control systems. Other possibilities include that of an organised criminal gang (OCG) using the threat of repeated power outages to hold a city such as New York or London to ransom.
A group of terrorist hackers located in Iran called Parastoo is already known to be actively recruiting software engineers with precisely those skills needed to bring down the power supply in a major city such as New York or London. Parastoo has already been linked to a military-style attack on an electric power station, the PG&E Metcalf substation in California on 16 April 2013. Parastoo now claims it has been testing national critical infrastructure using cyber vectors.
Although cities in the US and Europe appear equally vulnerable to a determined cyber attack, the US national grid is particularly at risk.
Jon Wellinghoff, former chairman of the Federal Energy Regulatory Commission warns that the power grid is currently “too susceptible to a cascading outage” because of its reliance on a small number of critical substations and other physical equipment.
Such an attack could leave areas populated by millions of Americans without power. The US national grid operates as an interdependent network and, if one element fails, energy must be drawn from other geographical areas. It is an essentially old-fashioned system which predates the era of cyber terrorism.
A determined cyber attack by a group such as Parastoo would involve ensuring that multiple parts of the US Grid failed at the same time. If successful, this type of attack would result in what has been called “a cascading effect” that could rob millions of people of power for weeks, perhaps even longer.
According to Wellinghoff, “Those critical nodes can, in fact, be attacked in one way or another. You have a very vulnerable system that will continue to be vulnerable until we figure out a way to break it out into more distributed systems.”
It is easy to underestimate the potentially devastating effect that a major power outage lasting weeks might have on a city such as London or New York. It would not merely be a question of lost production and a rush in the shops for torches as happened in the UK during the energy workers’ strikes in the early 1970s.
Today’s economy and society is far more electronic and computerised than that of four decades ago. Our financial systems are powered by highly-sophisticated real time computer systems, as are all the cash dispensers. A major power outage could also cripple shop tills and retail security systems, meaning that most shops and stores would be forced to close until the power was restored.
Unless a government acted very quickly to ensure food was distributed and that authority was maintained, it could be forced to deal with looting mobs looters pillaging the blacked out city streets. Civic and economic disruption on this level would represent a terrific victory for a terrorist cell or hostile power.
Power companies in the West must now work closely with their governments to try and safeguard their power grids as far as they able. At the very least, they should ensure that their power grids are made more robust and that their IT systems are secured against cyber attacks.
Stuart Poole-Robb is the chief executive of business intelligence and cyber security adviser, the KCS Group.