The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 

Post

Why would anyone want to bring down the US grid?

Tom Alrich's picture
Supply chain Cyber Risk management - emphasis on SBOMs and VEX documents, Tom Alrich LLC

I provide consulting services in supply chain cybersecurity risk management and am now primarily focused on software bills of materials (SBOMs) and VEX (Vulnerability Exploitability eXchange). I...

  • Member since 2018
  • 373 items added with 120,900 views
  • May 16, 2022
  • 418 views

 

I’ve stated multiple times that I see just about zero likelihood of a cyberattack bringing down the US power grid (for example, in this post and this one). The reasons I’ve pointed to recently have always been related to the technical infeasibility of such an attack succeeding (although I should say “impossibility”, since I think it would be literally impossible to bring down the entire US grid with a cyberattack, no matter how massive).

But I recently remembered another reason for this opinion, which I stated in a post in 2020: Any cyberattack that succeeded in bringing down (or even substantially disabling) the US grid (actually grids, since there are three of them) would have to be carried out by a nation-state, or perhaps a huge and very sophisticated terrorist organization, like al Qaeda probably was before 9/11. Since there’s currently no such terrorist organization, the perpetrator would have to be a nation-state, like China, Russia, Iran, or North Korea.

If such an attack were carried out (whether successful or not), it would be considered an act of war, almost on the scale of Pearl Harbor. And if the US declared war on the perpetrator, there’s no way to know how far that might go – including a nuclear exchange.

Why would a nation-state, no matter what degree of hatred their leaders or people harbored for the US, risk possible total destruction, simply in order to cause a lot of damage to the US economy (and perhaps kill a lot of Americans) through an unprovoked attack? And don’t give me the “madman” story. Neither Vladimir Putin nor Kim Jong-Un, or any other world leader, is that mad that they’d risk destroying their life and the lives of their family members and friends.

If you want to worry about something that could cause a grid disaster, worry about an EMP attack or a massive solar storm (one did bring down the Quebec grid in 1989, and if the Carrington Event of 1859 had occurred today, that might well have brought down the entire US grid). Or worry about a pandemic. What would happen if one of those occurred, and the US response was so badly managed that a million people died? I agree that the idea is far-fetched, but I’d still say it’s a lot more likely than a cyberattack taking down the US grid.

Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC. If you would like to comment on what you have read here, I would love to hear from you. Please email me at tom@tomalrich.com.

 

Discussions

No discussions yet. Start a discussion below.

Tom Alrich's picture
Thank Tom for the Post!
Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.
More posts from this member

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »