Turning power lines into battle lines

Cyber attacks on the power grid threaten critical infrastructure as nation-state hackers probe SCADA and ICS networks, exploit Aurora-style vulnerabilities, and target utilities with malware, risking prolonged blackouts despite NERC CIP defenses and resilience efforts.

A new and increasingly ominous threat to global security is growing in the shadowy realm of cyberspace.

The danger does not stem from the usual suspects — hackers and criminals who prowl the Internet to steal credit card numbers and personal identities. As we mark Cyber Security Awareness Month, there is growing evidence that the grid is growing more vulnerable to cyber spies and cyber terrorists — some working on their own, others sponsored by nation states — who have their eyes on a much bigger prize: North America's system of electrical generation and transmission.

This is not digital crime. This is cyber war: a deliberate attempt to turn our power lines into battle lines. Multiple covert intrusions into computer systems that control the electrical grid have already been documented by U. S. national security officials, with U.S. power plants vulnerable according to reports, most recently in April 2009.

"We know they have done reconnaissance of our power grid," says James A. Lewis, senior fellow and director of the Technology and Public Policy Program at the Center for Strategic & International Studies in Washington, D.C., whose expert warning has echoed in policy circles. "They are looking for weak spots — places where they can launch malicious code."

Electrical industry studies and voluminous Congressional testimony by experts in the field confirm that numerous vulnerabilities to cyber intrusion exist throughout our system of power generation and transmission. If coordinated cyber attacks designed to exploit those weaknesses were to take down even one of the continent's regional electrical grids, vast portions of Canada and the United States could be plunged into darkness for a year or longer.

The dangers inherent in a cyber attack on the grid were made shockingly clear — as the broader cyber threat to the grid was under review — in a little-known 2007 U. S. Department of Homeland Security experiment code-named "Aurora." In the experiment, a massive generator similar to those that produce much of North America's electrical power was deliberately hijacked by cyber "attackers" and its computer controls given a new set of instructions. Enslaved by its new programming, the multi-tonne generator jumped off its footings, spewed smoke and, ultimately, self-destructed.

Generators of the type destroyed in the Aurora experiment are not off-the-shelf items that can be replaced easily. Most are manufactured in China and other overseas locations, and each requires months to be assembled and shipped.

Should the "Aurora" vulnerability ever be fully exploited in multiple locations in North America, the result could be the loss not only of light and heat for an indefinite period, but also the breakdown of water-and sewage-treatment capabilities, the crippling of transport and communications systems (including those of law enforcement and the military), the spread of uncontrollable epidemics, the near-total cessation of economic activity and widespread civil unrest bordering on chaos.

"If you're able to take down part of the electrical grid, pretty much everything else fails," says James Woolsey, former director of U. S. Central Intelligence. "You're not back in the 1970s; you're back in the 1870s."

Cyber crime alone is now a multi-billion-dollar problem worldwide. But the effects of a coordinated cyber-terrorist attack against the North American grid would make those billions seem like pocket change in comparison.

"If you were to take out a third of the United States' electricity generation for six months, the dead loss out of the economy would be upwards of $1.7-trillion," says John Bumgarner, research director for security technology of the nonprofit U. S. Cyber Consequences Unit. "That's trillion. And if you extrapolate the resulting effects, the full cost ends up being about $6.7 trillion."

A number of private and governmental bodies are already addressing the issue of potential cyber attacks against the grid. Foremost among these is the North American Electric Reliability Corporation (NERC), which conducts assessments of the reliability and adequacy of the bulk power network and has alerted grid owners to cyber security responsibilities as part of its mission. NERC's newly created Critical Infrastructure Protection program is now developing stringent security standards for the cyber systems that are employed in electrical generation and transmission.

But countering the threat of cyber war will require international co-operation — in the development of more robust cyber defences for computer-control systems around the world, as well as in enhanced information sharing between countries and among targeted industries and governments, with Canadian producers wary of U.S. cyber bills encouraging cross-border dialogue today.

Above all, says former U. S. Congressman Lee Hamilton, currently co-chair of the National Security Preparedness Group, we need a clearer understanding of the urgency of the challenge and a renewed focus on protecting the U.S. power grid to meet it.

"Some day, somewhere, sometime, we're going to have a massive cyber attack," says Hamilton. "You can almost bet on it."

We have been warned. The danger is real. And the threats are proliferating — out there, somewhere, in the shadowy realm of cyber space.

Related News

• Electricity Forum News

• Grid Technologies News