Cyber Vulnerabilities and Threats

Source: Energy.gov

Source: Energy.gov

Cybersecurity is a real and concerning issue as the power grid becomes more interconnected and computer driven. There are several benefits for an interconnected and networked power grid including: cheaper rates for customers, energy efficiency, and shorter outage times. Combine these benefits with the increased desire for renewable sources of power and there is a clear and justified need for building a connected and computer-controlled grid.

However, as the power grid transitions towards a more connected and digitally controlled system, there are a number of vulnerabilities that emerge as a result. Vulnerabilities can range from hardware, software, or system level and if exploited can result in the physical destruction of equipment and the loss of power to paying customers.

 

Common Cybersecurity Misconceptions:

  • Air-gapped networks are immune to cyber threats
  • Firewalls are enough
  • The NERC-CIP standards protect the entire grid from cyber threats

Real World Cases

Videos

US power grid increasingly vulnerable to cyber threats
AP: Attacks on US Power Grid Could Darken Cities. Dec 21, 2015

Electric Grid Security Federal officials and energy industry representatives testified at a hearing on the threat of a cyberattack on the U.S. electric grid. Craig Fugate, the Federal Emergency Management Agency (FEMA) administrator, told committee members the federal government needs to address long-term response and planning should the nation’s electrical grid be taken out by a cyber or physical attack for lengthy amounts of time.

Homeland Security: Cybersecurity, Infrastructure Protection, and Security Technologies “Cyber Preparedness and Response at the Local Level”

Cybersecurity Admiral Michael Rogers testified on the nation’s cyber infrastructure. Admiral Rogers said that America cannot combat ISIS* propaganda on the internet by simply shutting it down.

* The Islamic State of Iraq and Syria (ISIS), the Islamic State of Iraq and the Levant (ISIL), or DAISH/DAESH in Arabic is a militant group that has called itself the Islamic State.

Subcommittee on Energy and Subcommittee on Research and Technology Hearing: Cybersecurity for Power Systems

April 10, 2014

Electric Grid Security and Reliability Witnesses testified on strategies to increase the reliability and security of the electric grid from cyber and physical attacks. They also discussed the impact of Environmental Protection Agency greenhouse gases rules on the availability and price of electricity to consumers. Another topic included the attack on California’s San Jose Medcalf transmission station in 2013. In that incident attackers shot transformers disabling them. No major power outages occurred because officials were able to reroute electricity immediately.