Cybersecurity and the power grid
Do we need a wakeup call?
By TRAVIS HIGH
In the face of the mounting threats of cyberattacks and the vulnerable, interdependent electric grid systems, governments, utilities, businesses, and people need to come together and do what is necessary to be prepared. No one can afford to be complacent.
This was the message at the Energy Infrastructure and Cybersecurity forum held by Leaders in Energy at Make Offices in Arlington, VA (Clarendon) on June 1, 2017. Janine Finnell, Executive Director and Clean Energy Ambassador, Leaders in Energy, opened the event and introduced Christian Dorsey, Arlington County Board Member, who gave welcoming remarks.
The panel was moderated by Dr. Elvin Yüzügüllü, author of Synergies for Sustainable Energy, and included an outstanding group that brought together international, national, local perspectives to a subject that, as they acknowledged, is very complex:
- Marc Elsberg, Vienna-based author of the techno-cyber thriller Blackout
- Scott Aaronson, Security Executive at the Edison Electric Institute
- Paul J. Feldman, a board member at AMP Electric, Opus One, and EnergySec
- John Morrill, Arlington County Energy Manager
Vulnerability of energy infrastructure
What first brought Finnell to this topic was aftermath of the 2012 Derecho storm, which caused a serious power outage in the Washington, DC region. In his remarks, Dorsey said that around three quarters of households lost power, some of them for as long as five days. In the sixth largest metro area in the U.S., that can amount to a huge loss of productivity, in addition to serious risks to health, safety, and welfare.
This event hatched around a serendipitous connection. Dr. Yüzügüllü found out that Elsberg was traveling to the U.S. for a book tour to promote Blackout and thought he might be a good speaker. Then by sheer coincidence, in May 2017 there was the ransomware cyberattack that affected users all over the globe, as Finnell mentioned in her remarks.
The bestselling fictional novel by Elsberg covers the aftermath of a massive, Europe-wide blackout. The repercussions that unfold in the narrative may seem extreme, but as Elsberg pointed out, if you don’t think a catastrophic event can happen, think again.
He referred to an incident in Europe in November 2006, in which a fault in transmission destabilized the grid and led to a blackout that affected millions of people. Within seconds, a single event like that could happen. See the final report on that incident from the German Bundesnetzagentur (Federal Network Agency for Electricity, Gas, Telecommunications, Post and Railway).
What happened in 2006 was accidental in this case, but a blackout can occur from any number of causes, including foul play, as it did in Blackout (no major spoilers here!). After reading his book, the CEO of a German energy company hired a hacker to do a penetration test to see how long it would take to get through their defenses. “How long do you think it took,” Elsberg asked the audience, “two days, two weeks, or two months?”
“Well, it was a trick question,” Elsberg said dryly. “It was two hours!”
Could it really be that easy? Whatever the source of the disturbance, according to Feldman, distribution outages can cost over $100 billion each year in the U.S. alone. In Blackout, Elsberg depicts with surprising detail how the supply of everyday goods could break down within a couple of days. Even in the first chapter (Day Zero of the blackout), cars start queueing up at the gas stations, which of course don’t have the power needed to pump gas.
During such an event, Morrill highlighted, the level of expectation that the power be restored would be fixed – NOW – would be extremely high and growing swiftly by the minute.
System of systems
Elsberg opened his talk with a comment on the interdependencies that have been built into the electric grid over the past few decades. We are “living in a system of systems” environment, he said, where power, communications, finance, and logistics have all become interdependent.
From the perspective of the U.S. grid, Feldman described how the major Eastern, Western, and Texas interconnections feed into the Supervisory Control and Data Acquisition (SCADA) system, a system that manages critical infrastructure. Such centralization can run the risk of contagion if one part of the grid becomes unbalanced, as it did in Germany in 2006. Learn more about the Interconnections on the U.S. Department of Energy website. Here is a recent report on the vulnerabilities in these systems from Trend Micro. The U.S. Department of Homeland Security also has some useful resources on recent incidents and countermeasures.
During the question and answer period, a question arose about whether, in the context of all this interconnectivity, there is tension between the larger utilities and those pushing distributed generation? Distributed generation is small-scale energy production, and proponents say decentralized production of renewable energy can reduce greenhouse gas emissions. Ideally, Elsberg said, there should be a transformational process for moving to a renewable-based, decentralized system.
Morrill also said that he does see some tension in Virginia with what is a vertical, integrated utility, but where the market is moving very quickly. In Arlington, there is a lot of work on distributed generation. Ever since the 2012 Derecho storm, Morrill has seen exponential growth in interest in backup diesel generators and battery systems. Aaronson gave a word of caution with this mode of electricity generation; that is to carefully consider what security requirements are necessary for smaller players. Might we need a policy of “You must be this tall to ride” in terms of the safety protocols necessary to be connected to a grid?
Whether a threat to the grid comes from a squirrel or nuclear war; whether an incident is likely or unlikely to occur; and whether its potential damage or impact is low or catastrophic, Aaronson said that utilities must be prepared to face it.
He added that “resilience is about taking an incident, applying the lessons, and then the next time something happens to test the system, maybe you will be prepared,” giving the example of a reported cyberattack in Ukraine. That attack caused an outage of up to six hours, affecting over 200,000 people. Other energy companies and utilities, he said, can use incidents like these as “teachable moments.”
Recently, for instance, following the experience of Hurricane Sandy, the state government in New Jersey started a program for gas stations to be fitted with backup power. Otherwise, the cost of installing a backup power system may be prohibitive for some owners.
Another way to learn and adapt is through independent vulnerability assessments. Aaronson confirmed that there are red team-blue team exercises conducted by plants, sometimes involving third party simulations. Even though there is some risk of exposure in conducting such exercises, he said, it is far better to find out vulnerabilities from well-intentioned collaborators. Find out more about the red team-blue team method.
He added: “[In this industry] we have to be right 100% of the time; a hacker has to be right just once.” The strategy against such a threat is to build up your security as much as you can, and meanwhile prepare for what might happen. He argued that the critical infrastructure possessed by utilities is a vital asset, and there should be due investment in it. Morrill echoed his statements, adding that beyond investment, maintenance efforts are crucial.
One of the audience members asked about the balance between investment in people and technology, and which of the two carries more weight toward mitigating threats. Although both are important, Aaronson argued that utilities should focus on hiring and training people with the necessary skill sets. He reasoned that technologies can fail, and someone needs to be there to fix it. This is yet another reason why there needs to be greater investment in STEM education and training.
When it comes to preparedness at the community level, Morrill also highlighted the importance of individuals being prepared. He warned that protocol dictates that critical infrastructure – such as communications centers and hospitals – be prioritized in any kind of a response situation. This means that residential customers and businesses may not have power restored right away in the event of a blackout, in situations where it is not possible to restore coverage everywhere right away. Hence the need for us all to be prepared.
Begin a conversation
In his welcoming remarks, Dorsey stressed the importance of having open conversations about the vulnerabilities in the electric grid and the need for community preparedness. The risks presented by the state of cybersecurity can be existential for the industry. The severity of the damage caused by the Ukraine cyberattack is a case in point.
To that end, Aaronson commended the utilities industry for coming together at the highest levels to discuss cybersecurity, citing it as evidence that “they take this stuff seriously.” That said, he acknowledged that it is not easy to bring everyone to the same table and deal with threats as complex as these.
One initiative that is meant to bridge information gaps is the Electricity Information Sharing and Analysis Center (E-ISAC), an industry grouping that works with government on cybersecurity and infrastructure issues. Aaronson said that protection of critical infrastructure must be a shared responsibility, with government and industry working closely together.
He added that policymakers and stakeholders in the field should approach cybersecurity “like adults” and recognize that there are adversaries in the world seeking to inflict harm, not to mention the everyday squirrels on power lines. The message should be that we all need to be prepared.
In closing, Annette Osso of Resilient Virginia thanked Elsberg for putting these critical issues into a fictional account that can spread the message of the urgency of being prepared for potential cyberattacks or other incidents. It was suggested that anyone interested in pursuing this subject further could join together for a book club. If anyone is interested in doing so, please contact us at @leadersinenergy on Twitter.
Leaders in Energy would like to thank the following individuals representing sponsors for this event:
Darktrace (Clean Energy Leader sponsor): Andrew Gyenis
CSRA (Environmental Leader Sponsor)
Groupsense (Venue sponsor): Brandon Wood
Edge Hosting: Joseph DiMaria
FilmBison Media: Nick Hanson
Sourcebooks (Blackout Survival Kit Sponsor)
Additional support from: Arlington Green and WethePizza
Photos courtesy of Agustín N. Cruz, firstname.lastname@example.org.
Leaders in Energy is building a community of engaged leaders to create a sustainable energy system, economy, and world. More information is available at https://www.lercpa.org and in the Leaders in Energy Research, Communication, Policies & Analysis (LERCPA) LinkedIn group. The three main pillars of engagement are green jobs, impactful leadership, and actionable solutions for sustainable communities.