
No, a cyberattack isn’t going to shut down the power grid

Supply chain Cybersecurity Risk Management and NERC CIP-013 consulting Tom Alrich LLC

Currently with Tom Alrich LLC, I provide strategy and compliance consulting to electric power industry clients and vendors to the power industry, focusing on the NERC CIP cybersecurity standards....

  • Jun 9, 2021 10:35 am GMT

On Monday, CNN published a story that led off with this:

Energy Secretary Jennifer Granholm on Sunday warned in stark terms that the US power grid is vulnerable to attacks.

Asked by CNN's Jake Tapper on "State of the Union" whether the nation's adversaries have the capability of shutting it down, Granholm said: "Yeah, they do."


"There are thousands of attacks on all aspects of the energy sector and the private sector generally," she said, adding, "It's happening all the time. This is why the private sector and the public sector have to work together."

I’m sure Secretary Granholm meant well when she said that – not wanting to lull people into thinking the problem of grid security was solved, trying to prime the pump for more cybersecurity spending, etc. But the fact is that adversaries don’t have the capability to shut down the “US grid” with a cyberattack – or even multiple simultaneous attacks.

Period.

I don’t think anyone at all familiar with how the electric power industry works in the US will be surprised by this statement. But a lot of other people really do think this is possible, motivated as far as I know by movie plots. You might sell a lot of tickets if you show the whole US grid collapsing, but you have to classify the movie as fantasy, because that’s what it is. Here are some of the major reasons why I say a cyberattack that would take out the whole or even a large portion of the US grid - hell, even just 3 or 4 states - is about as probable as the discovery of Bigfoot in a Wall Street bank:

  • The US participates in three completely disconnected AC grids: The Eastern and Western Interconnects and ERCOT, which covers a large portion of Texas (Quebec also has its own grid).

  • To bring down the US grid, you would have to launch devastating attacks on all three Interconnects.

  • There’s no single point – or even 4 or 5 points – that you could attack to bring down a whole Interconnect. So in each Interconnect, you would have to launch devastating attacks on a number of assets at exactly the same time. And they would all have to be the same type of asset: generating plants, distribution substations and control centers, or transmission substations and control centers.

  • Forget about causing a cascading outage by attacking generating plants. See my quote at the end of this 2018 E&E News article and the post I wrote on the subject shortly afterwards.

  • And forget distribution substations and control centers.

  • This leaves transmission substations and control centers. In theory, if you were to penetrate enough control centers and substations in each Interconnect, you might cause a widespread cascading outage. How many? I’d guess at least ten per Interconnect, but it’s probably more than that (certainly in the Eastern and Western Interconnects, perhaps not in ERCOT).

  • But you really can’t attack transmission substations. Their control systems are virtually never connected to the internet. They’re always connected to a control center, though, and control centers are almost all connected to the internet.

  • So how do you get into a control center? Download a script from the dark web, type in an IP address (handily displayed on a utility’s web site, since as we all know utilities are quite happy to give you all the information you’d possibly need to attack them 😊), and hit Go (or whatever the button is called. I haven’t launched any devastating grid attacks lately, so I can’t remember what the button says)?

  • I regret to say it’s a lot harder than that. In fact, the sharpest attackers are constantly pounding on transmission and distribution control centers, and there’s never been a successful cyberattack on a single one in North America (as well as much of the rest of the world). In part because control centers have been protected by really tough cyber regulations for almost 20 years (by NERC CIP since 2009, and by NERC Urgent Action 1200 and 1300 before then) and also because everyone understands that they’re really crucial, you ain’t going to get in, period. And you certainly aren’t going to get into ten of them (per Interconnect).

Of course, causing a purely local outage (e.g. the area served by a single line or substation) is much more possible through a cyber attack – but again, it’s never happened in North America, and is very unlikely to. However, local outages happen all the time. Storms and squirrels are by far the biggest causes of those.

But this isn’t to say a total US grid collapse is inconceivable. An EMP event could conceivably do it. Or a solar storm – perhaps the size of the Carrington Event, which hit the US in 1859, before there was any electric infrastructure besides telegraph wires. Either of these would be devastating. In fact, a US government commission in 2008 said that, in the event of a total grid collapse caused by an EMP which caused an outage lasting a year, 66-90% of the US population would not just be badly inconvenienced. They would die.

So if you want to worry about a devastating grid attack, worry about EMP. And ask Vladimir Putin, Kim Jong-un and Xi Jinping (and maybe Ayatollah Khamenei in a few years) to please not cause one. 

Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC. Nor are they shared by the National Technology and Information Administration’s Software Component Transparency Initiative, for which I volunteer. If you would like to comment on what you have read here, I would love to hear from you. Please email me at tom@tomalrich.com.

Richard Brooks on Jun 9, 2021

Tom, I'm a little surprised by the depth of knowledge you claim regarding the adversaries' capabilities and the confidence you show in this knowledge.

"But the fact is that adversaries don’t have the capability to shut down the “US grid” with a cyberattack – or even multiple simultaneous attacks.

Period."

I'm guessing the NSA, DHS and FBI would be interested in knowing how you know this "fact" with such certainty, along with the identity of your sources of this information. CozyBear isn't sharing any of their inner sanctum dark magic with me; perhaps there is an inner cabal which you are part of that receives this information from CozyBear and the gaggle of other nation state actors. I'll trust the DOE Secretary knows something about hacker capabilities when she made this assertion. I certainly do not have sufficient knowledge to take a position one way or the other. Thanks for sharing your knowledge.

Tom Alrich on Jun 9, 2021

Dick, if someone says the grid can be shut down, it's up to them to show a way that this could plausibly happen. I know of none.

If someone says the moon is made of green cheese, it's not my job to prove that's not the case. They need to show some evidence for their assertion.

Richard Brooks on Jun 10, 2021

You could say the same for your assertion too. 

" But the fact is that adversaries don’t have the capability to shut down the “US grid” with a cyberattack – or even multiple simultaneous attacks.

Period."

Shouldn't you also be required to provide evidence that "adversaries don’t have the capability to shut down the “US grid” with a cyberattack" ?

Both your and the DOE Secretary's claims are two sides of the same coin. Both sides should provide evidence as to their convictions, IMO. I suggest you look beyond the "loose statistical practices of Rob Lee" for guidance on making such claims, lacking conclusive evidence supporting your position. Bold assertions and convictions may produce good media coverage, but that does not make the claims viable or true. Show us your evidence "that adversaries don’t have the capability to shut down the “US grid” with a cyberattack " and perhaps this will prompt the DOE Secretary to offer her own evidence. That would make for some interesting reading. Do you agree?

 

 

Tom Alrich on Jun 10, 2021

Any adversary needs a vector to cause the collapse of the grid. If someone says the grid can be brought down, there needs to be some vector for that. I know of none. The adversaries themselves have lots of smarts, so that's not their problem. Their problem is there's no way for them to cause a complete grid collapse, and nobody's ever shown me one.

Richard Brooks on Jun 10, 2021

There is ample research in this area, and some empirical evidence showing how a grid can be compromised. FYI A nation state actor doesn't have to directly attack the Eastern Interconnection itself to knock out broad sections; a disruption to Natural Gas inter-state pipelines, similar to the Colonial Partners shutdown, could also have devastating effects on the Eastern Interconnection - especially during peak weather events.

Tom Alrich on Jun 11, 2021

Dick, the "evidence" you provide is nonsense. It's about the attack on the Ukraine grid, that resulted in a transient outage of about 4 hours to about 500 people; there was no damage to people or property. And its cause had nothing at all to do with generation, gas or otherwise. I'm quite surprised you think this is "research" and "evidence".

Richard Brooks on Jun 13, 2021

You make a good point Tom. The evidence I provided came from the SANS DUC-6 report. I have to agree, the SANS reports have become more "opinion pieces" than sound technical analysis since Mike's passing. The SANS DUC-7 report is indeed total trash. Mike Assante never would have approved of such trash "opinion pieces" to be published as a DUC.

I think you have a good point Tom; I should look for more credible sources to cite.

 

 

Tom Alrich on Jun 14, 2021

I have no problem with SANS' credibility. The problem is relevance. You're supposedly pointing to evidence that a cyberattack on pipelines could have a devastating influence on even one of the 3 US grids. Your "evidence" points to a cyberattack on the Ukraine grid that cut off power to a lot of people, but there was no lasting damage at all from that attack, since power was completely restored to everybody in 4 hours. And the attack wasn't on pipelines, but on circuit breakers in several substations. This is no more "evidence" for your assertion than the statement that Napoleon lost the battle of Waterloo. 

Bob Meinetz on Jun 9, 2021

Thank you, Tom. But as I pointed out in another post yesterday, Secretary Granholm's statement wasn't intended to "prime the pump for more cybersecurity spending", either - she just misspoke. And immediately corrected herself.

"TAPPER: Do you think that adversaries of the United States have the capability right now to shut down the power grid? 

GRANHOLM: Yes, they do. 

I mean, I think that there are very malign actors who are trying. Even as we speak, there are thousands of attacks on all aspects of the energy sector and the private sector generally, I mean, the meat plant, for example."

It's important to view threats to our grid in context, and to view what authorities say about it in context.

Richard Brooks on Jun 9, 2021

Bob, when I worked in the industry for an ISO, we were under constant reconnaissance and penetration attempts - that never succeeded - thankfully. Chalk it up to a solid Enterprise Architecture!

Tom Alrich on Jun 9, 2021

Thanks, Bob. I wasn't writing about Secretary Granholm's motives for making the statement, but just the fact that she made it. I threw out a couple possible motives just as a way of softening what I said - otherwise, I might be accused of calling her an outright liar who just wants to create a stir, which I certainly don't think is the case.
