After alert on Russian hacking, a renewed focus on protecting U.S. power grid

PJM control room

WASHINGTON -

The joint alert from the FBI and Department of Homeland Security last month warning that Russia was hacking into critical U.S. energy infrastructure came as no surprise to the nation’s largest grid operator, PJM Interconnection.

“You will never stop people from trying to get into your systems. That isn’t even something we try to do.” said PJM Chief Information Officer, Tom O’Brien. “People will always try to get into your systems. The question is, what controls do you have to not allow them to penetrate? And how do you respond in the event they actually do get into your system?”

PJM is the regional transmission organization for 65 million people, covering 13 states, including Pennsylvania, and Washington D.C.

On a rainy day in early April, about 10 people were working inside PJM’s main control center, outside Philadelphia, closely monitoring floor-to-ceiling digital displays showing real-time information from the electric power sector throughout PJM’s territory in the mid-Atlantic and parts of the midwest.

#google#

Donnie Bielak, a reliability engineering manager, was overseeing things from his office, perched one floor up.

“This is a very large, orchestrated effort that goes unnoticed most of the time,” Bielak said. “That’s a good thing.”

But the industry certainly did take notice in late 2015 and early 2016, when hackers successfully disrupted power to the Ukrainian grid. The outages lasted a few hours and affected about 225,000 customers. It was the first publicly-known case of a cyber attack causing major disruptions to a power grid. It was widely blamed on Russia.

One of the many lessons of the Ukraine attacks was a reminder to people who work on critical infrastructure to keep an eye out for odd communications.

“A very large percentage of entry points to attacks are coming through emails,” O’Brien said. “That’s why PJM, as well as many others, have aggressive phishing campaigns. We’re training our employees.”

O’Brien doesn’t want to get into specifics about how PJM deals with cyber threats. But one common way to limit exposure is by having separate systems: For example, industrial controls in a power plant are not connected to corporate business networks.

Since 2011, North American grid operators and government agencies have also done large, security exercises every two years. Thousands of people practice how they’d respond to a coordinated physical or cyber event.

So far, nothing like that has happened in the U.S. It’s possible, but not likely, according to Robert M. Lee, a former military intelligence analyst, who runs the industrial cybersecurity firm Dragos.

“The more complex the system, the harder it is to have a scalable attack,” said Lee, who co-authored a report analyzing the Ukraine attacks. “If you wanted to take out a power generation station– that isn’t the most complex thing. Let’s say you cause an hour of outage. But now you want to cause two months of outages? That’s an exponential increase in effort required.”

For example, he said, it would very difficult for hackers to knock out power to the entire east coast for a long time. But briefly disrupting a major city is easier. That’s the sort of thing that keeps him up at night.

“I worry about an adversary getting into, maybe, Washington D.C.’s portion of the grid, taking down power for 30 minutes,” he said.

The Department of Energy is creating a new office focused on cybersecurity and emergency response.

Deterrence may be one reason why there has not yet been a major attack on the U.S. grid, said John MacWilliams, a former senior DOE official who’s now a fellow at Columbia University’s Center on Global Energy Policy.

“That’s obviously an act of war,” he said. “We have the capability of responding either through cyber mechanisms or kinetic military.”

In the meantime, small-scale incidents keep happening.

This spring, another cyber attack targeted natural gas pipelines. Four companies shut down their computer systems, just in case, but they say no service was disrupted.

Related News

russian hackers

Russians hacked into US electric utilities: 6 essential reads

WASHINGTON - The U.S. Department of Homeland Security has revealed that Russian government hackers have gained deep access to hundreds of U.S. electrical utility companies, gaining far more access to the operations of many more companies than previously disclosed by federal officials.

Securing the electrical grid, upon which is built almost the entirety of modern society, is a monumental challenge. Several experts have explained aspects of the task, potential solutions and the risks of failure for The Conversation:

 

1. What’s at stake?

The scale of disruption would depend, in part, on how much damage the attackers wanted to do. But a major cyberattack…

READ MORE
Barakah nuclear power plant

Several Milestones Reached at Nuclear Power Projects Around the World

READ MORE

us-nonprofit-invests-in-electric-trucks

U.S. Nonprofit Invests $250M in Electric Trucks for California Ports

READ MORE

ev charging station

Electric Utilities Plot Bullish Course for EV Charging Infrastructure

READ MORE

maryland solar power panels

Maryland opens solar-power subscriptions to all

READ MORE