When tensions got white-hot between the United States and Iran over the assassination of Iranian general Qasem Soleimani, it was widely believed the U.S. electric utilities would bear the brunt of Iranian reprisals. The nation’s electric industry leaders spent anxious hours wondering where, when and how bad?
It did not happen, but the alarm was well-founded. It followed mounting concerns flagged last December by the National Infrastructure Advisory Council, and it was followed by an equally alarming report this month from Dragos, a leading cybersecurity consultancy that issues a threat assessment annually.
The Dragos report predicts a possible multi-pronged attack, striking at vulnerabilities in the utilities including those in the supply chain. Dragos identifies threats from attacker groups Magnallium and Xenotime. These have, according to Dragos, migrated from attacking oil and gas installations to electric utilities. It does not name countries.
Dragos states that the complete energy infrastructure is under attack and that the attacks are getting more sophisticated. A group identified by Dragos last year, Parasite, has been focusing on remote connectivity and virtual private networks as points of entry.
It is easy to read these warnings, and another by the Congressional Research Service, as announcing inevitable gloom. But a lot of people in and out of government are now focused on the cybersecurity problem. These include the departments of Energy, Defense and Homeland Security, and the intelligence agencies that prepare the counterattack capability.
As attacks get more sophisticated and penetrating, so too do the defenses and the ability of the targets to “lock out” invaders. Defenses can also include hardening systems that are not involved in electricity production and distribution — communications, for example.
Morgan O’Brien is a legend in the telecommunications industry. He was the co-founder of Nextel, the company that gave the world cellphones. He now works in the utility space: His mission is to harden communications by providing private broadband networks that are independent of everything — including the internet — and will survive most disasters, natural and man-made.
O’Brien is president and CEO of Anterix, which offers secure broadband via the 900 MHz spectrum that it has acquired. He told me, “People do not have to use imagination to understand what may happen to them in the event of a wide-scale power outage. Who can forget watching the collapse of civilization within a day or two of Hurricane Katrina?”
The good news, according to O’Brien, “is that progressive utilities and regulators are preparing for the worst by redesigning the architecture of the electric grid to pinpoint grid failures and in near real-time reroute power to isolate the failure, thus curtailing cascading power shutdowns.”
The magic number for O’Brien is 1.4 seconds. That is how long he says it would take the electric utility to learn of a failure using one of his company’s private networks. So, if a power line fails, in almost real time the utility will know. Remediation or isolation can begin.
Most security is directed at protecting and isolating industrial controller systems, the computer-driven programmable devices that are at the heart of all industrial installations including utilities. But there are other vulnerabilities, not all to do with cyberattack.
The New York Times reported graphically last October on the failure of communications at Pacific Gas and Electric, the giant San Francisco-based utility beset by wildfires. Everything went wrong and the company lost its ability to tell its customers, including nursing homes and other essential users, when it was cutting off the power. Even the state emergency services could not reach the utility control room, while, to quote the Times, “chaos unspooled outside.”
How vulnerable is the grid? While no one will quantify the threat, everyone I have talked to says it is there and very real. Fixing it and keeping it ahead is part of the new need for an ever-evolving infrastructure.
But as O’Brien says, “For sure, the grid is under attack daily by bad cyber-activists and is routinely hammered by weather phenomena. The doomsday scenario is plenty scary, but I’ll put my money on American technology and determination to keep the lights on.”
The enemy is out there in a hostile world, but the battlements are manned by old and new forces.