On December 23, 2015, a group of hackers infiltrated and disabled three major power stations in Western Ukraine, leaving 230,000 homes without power in the middle of a freezing winter. It was the first major cyber attack on a power grid in history. Scarily, far from being soft targets, those Ukrainian power stations had better cyber protection than most US ones.
Foreign policy experts have been warning about a crippling cyber attack on vital US infrastructure for years, but after the Ukrainian attack, those warnings have become deadly serious. In Ukraine, power was restored after six hours by using manual backups—which US substations lack. If a similar attack hit the US, the power could stay out for months on end.
Such attacks are increasing in number. In mid-2015, France’s TV5 was almost destroyed by Russian hackers. In winter 2016, Ukraine’s power grid was hit again.
It was reported on December 30, 2016 by the Wall Street Journal:
Cyberattacks that have knocked out electric utilities in Ukraine, including one suspected hack earlier this month, have renewed concern that computer criminals could take down portions of the U.S. power grid.
The following report comes from Secure the Grid website:
The Basics of Grid Security
America’s electric grid, data centers, telecommunications networks, and other critical infrastructure can be damaged or destroyed in several different ways: a nuclear weapon that generates an EMP (Electro-Magnetic Pulse) effect; a geo-magnetic storm from the sun that also can generate an EMP effect; a smaller, localized EMP that can be created with everyday equipment from Radio Shack; cyber warfare; and direct physical attacks.
Electro-Magnetic Pulse (EMP) – Technology’s Worst Nightmare
A nuclear EMP is a very real threat, given what we know about the Iranian and North Korean nuclear weapons and ballistic missile programs. Both countries have demonstrated advanced capabilities to create a functioning nuclear warhead as well as to build and test the ballistic missiles that might be used as delivery vehicles for such weapons.
Devices capable of subjecting transformers and other critical infrastructure to localized, but destructive, levels of EMP can be built from readily available equipment. While the damage would not be anywhere near as devastating or widespread as a nuclear EMP device might cause, the ease of acquiring and assembling parts obtainable from a local electronics shop means that terrorists have a relatively easy way to cause significant damage to local communities.
The April 2013 attack on an electrical substation near San Jose, California demonstrates both the vulnerability of our physical grid infrastructure as well as the fact that terrorists also have been thinking about multiple ways to attack us. Assailants who were never apprehended attacked the Pacific Gas and Electric Metcalf substation with automatic rifle fire on the night of 16 April 2013. Firing more than 100 shots altogether, they knocked out 17 transformers and, even though electric officials were able to avert a blackout, the damage took 27 days to repair. Jon Wellinghoff, chairman of the Federal Energy Regulatory Commission at the time, called the attack “the most significant incident of domestic terrorism involving the U.S. power grid that has ever occurred.
Cyber Attacks & Terrorism
The U.S. Department of Homeland Security (DHS) reports that cyber attacks on the electric grid system are increasing in both frequency and sophistication. Such attacks come from a variety of different sources, including nation states and sub-national terrorist organizations. Concern over their ability to hack into U.S. power grid software and possibly disrupt the electrical supply system is growing because such an attack could be one of the quickest ways to destroy the U.S. economy.
A natural occurrence even if no enemy attacks our electric grid, we know that the sun will. That is because the sun regularly is shooting off geo-magnetic storms in every direction. It is only a matter of time before one of those flares hits the earth straight on with exactly the same EMP-type of effect as if it were a nuclear bomb.
In fact, we know that in 1859, a massive solar flare that came to be known as the “Carrington Event” (after the astronomer who explained what happened) struck the earth and generated fires in telegraph offices as well as extraordinary northern lights displays.
Because everything in modern life now requires electric power, the 1859 event was nowhere near as catastrophic as the same kind severe geomagnetic storm would be today. Were such a solar storm to strike the earth today, the damage would be in the trillions of dollars, but worse yet, societies all over the world would be devastated. Human life as we know it could be wiped out.
The U.S. government is well aware of these threats to our electric grid and the threats that EMP, cyber and physical attacks, and the sun can pose to it. In fact, eleven different studies conducted or sponsored by the federal government over the past decade have concluded the same thing: unless steps are taken – and soon – to secure our electric grid, we risk catastrophic consequences which include horrific loss of life, widespread destruction of property, and complete societal breakdown.
It may only be a matter of time before the US is targeted.