Another Roundup of Electric Grid Security Articles

So here's a few more articles due to suggested legislation on Capitol Hill:

Recent Electric Grid Articles

Security of the Electric Grid is an occasional interest of mine after I wrote a paper about the subject at National War College.  So here's some of the latest articles:

  • 9 March 2016 - Defense One Article - "The Ukrainian Blackout and the Future of War". This article goes into a bit of detail on the event, some Russian/Ukraine background, talks about the famous "green men" and postulates future scenarios.  The ESCC is quoted as saying the same cyber attack couldn't happen in the US (because they built in protections against that one cyber vector).

  • 4 March 2016 - Christian Science Monitor Article - "Protecting critical electric infrastructure from today’s cyberthreats". NOTE - this is sponsored content!  But related none-the-less.  This is the President of the Edison Electrical Institute talking about the Electricity Subsector Coordinating Council (ESCC) and all the things they do as a liaison organization.

  • 2 March 2016 - PC Mag article - "Update: Yes, Hackers Did Steal Your Taxes and Shut Off the Power".  This article is one of many that discusses the Ukraine cyber theft of IDs and the resulting blackout of cities.
  • 25 Feb 2016 - Department of Homeland Security ICS-CERT Report - "Alert IR-Alert-H-16-056-01, Cyber-Attack Against Ukrainian Critical Infrastructure".  Report that discusses the incident and mentions the known malware BlackEnergy could be related since its signature was on several systems.
  • 23 December 2015 - A cyber attack was conducted against Ukraine power, causing blackouts.
  • 21 December 2015 - AP Article - "AP Investigation: US power grid vulnerable to foreign hacks".  This is a long detailed article, apparently from a year-long AP investigation.  Among other things this article implies Iranian hackers gained access to passwords and engineering drawings of power plants.  
    • It's dubbed the Calpine breach, and there is debate on the actual value and ability to use the information stolen:
      • User names and passwords that could be used to connect remotely to Calpine's networks, which were being maintained by a data security company. Even if some of the information was outdated, experts say skilled hackers could have found a way to update the passwords and slip past firewalls to get into the operations network. Eventually, they say, the intruders could shut down generating stations, foul communications networks and possibly cause a blackout near the plants.
      • Detailed engineering drawings of networks and power stations from New York to California — 71 in all — showing the precise location of devices that communicate with gas turbines, boilers and other crucial equipment attackers would need to hack specific plants.
      • Additional diagrams showing how those local plants transmit information back to the company's virtual cloud, knowledge attackers could use to mask their activity. For example, one map shows how information flows from the Agnews power plant in San Jose, California, near the San Francisco 49ers football stadium, to the company headquarters in Houston.
    • It also briefly mentions other recent events over the years:  
      •  "In 2012 and 2013, in well-publicized attacks, Russian hackers successfully sent and received encrypted commands to U.S. public utilities and power generators; some private firms concluded this was an effort to position interlopers to act in the event of a political crisis. And the Department of Homeland Security announced about a year ago that a separate hacking campaign, believed by some private firms to have Russian origins, had injected software with malware that allowed the attackers to spy on U.S. energy companies."




An article in the Wall Street Journal today talks microgrids.  These are a potential solution going forward to address electric grid issues.  There are a few problems that have to be addressed, however.  The first is integrating the local power generation back into the grid.  That requires rewiring, as well as load balancing by the main electric grid supplier (which also costs money).  Another issue is that as more local power is produced, the main electric grid supplier is supplying less power (which could be a good thing), but that also means they are making less money.  At some point it doesn't become profitable.  That does have to be addressed, as for the foreseeable future, there are reasons to need primary power production.

Timely article in The Hill

Power/Electric company presidents put out a defensive article today talking about recent actions they have taken to secure the grid.  Part is likely due to the EMP hearing today, and part a reaction to negative press stories on poor security given the Metcalf incident.  It's fair to realize there is a balance - some work has been done, with more yet to be done.


authors: Edison Electric Institute President Tom Kuhn, American Public Power Association President and CEO Sue Kelly, and National Rural Electric Cooperative Association CEO Jo Ann Emerson

House Committee hearing on EMP

A rescheduled House of Representatives meetings is today.


Here's their blurb:

The Committee on Homeland Security’s Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies hearing entitled “Electromagnetic Pulse (EMP): Threat to Critical Infrastructure” originally scheduled for February 26, 2014, HAS BEEN RESCHEDULED.  The Subcommittee will now meet on Thursday, May 8, 2014 at 2:00 p.m. in 311 Cannon House Office Building.

Opening Statements

Rep. Scott Perry (R-PA), Vice-Chairman


Hon. Trent Franks
A Representative in Congress from the State of Arizona

Dr. Peter Vincent Pry
Congressional EMP Commission
Congressional Strategic Posture Commission
Executive Director of the
Task Force on National and Homeland Security

Dr. Michael J. Frankel
Senior Scientist
Penn State University
Applied Research Laboratory

Dr. Chris Beck
Vice President
Policy and Strategic Initiatives
The Electric Infrastructure Security Council


Silence is Golden

I haven't posted or linked to articles in awhile.  I was busy finishing up an 80 page electric grid paper, and about 100 pages of excel tracking charts.  I'll get them up here soon, and also looking to get them published as a reference.

Article on Solar Storm threat to Grid

Here's a good Reuters article that summarizes the Solar threat as well as some reports over the recent years relating to the solar threat.

Recent EMP Panel

This was a panel by the EMPact America folks, and centered on EMP affects and impacts, and also tied into Iran threat.  A portion of the overall issues related to electric grid resiliency, but certainly an impactful event if it occurred.  They have occasional panels and papers.  In this one former CIA Director James Woolsey also spoke.

Twitter blurb:

If into #electricgrid & #energy #security; recent @EMPACTAmerica panel with @SenTedCruz @RepTrentFranks @frankgaffney

Executive and Congressional Policy affects on Energy Resiliency

A White paper by Senator Murkowski discusses focusing EPA & FERC policy on energy reliability in order to keep #electricgrid sound and functioning.  Points out issues such as "89 percent of coal capacity slated for retirement next year was used to meet the increased demand during January Polar Vortex". 

Timeline of Electrical Grid Events

I've been working on accumulating a listing of major electrical grid events.  Obvious things like major power outages, attacks, and other aspects like reports, congressional related information, Executive Branch policy info, key articles, etc.  I'm not quite sure the best way to post this so I'm working on a few options.  The timeline is located through the menus, or directly here.

More on California Electric Grid attack

The February 4, 2014 article by Rebecca Smith "Assault on California Power Station Raises Alarm on Potential for Terrorism (April Sniper Attack Knocked Out Substation, Raises Concern for Country's Power Grid)" fromThe Wall Street Journal further discusses the April 16, 2013 attack on a California energy substation.  The article is unfortunately behind the WSJ paywall.  However, a February 5, 2014 article titled "Attack on a California Transformer Could Have Been Dress Rehearsal for Terror Attack on Power Grid" at The Washington Free Beacon had a summary.

They quote Jon Wllinghoff, former FERC chair saying it was “the most significant incident of domestic terrorism involving the grid that has ever occurred (in the U.S.)”  Another interesting quote: “This wasn’t an incident where Billy-Bob and Joe decided, after a few brewskis, to come in and shoot up a substation,” Mark Johnson, retired vice president of transmission for PG&E, told the utility security conference, according to a video of his presentation. “This was an event that was well thought out, well planned and they targeted certain components.” 

It will be interesting to continue to track this and other events.


UPDATE 6 Feb 4:30pm EST - Here's the link to the WSJ Video (3:15 length).


Physical Attacks on the Electric Grid

You often hear about the threat of cyber attacks, or even EMP against the electric grid.  But we don't realize how vulnerable it is to physical attack.  The story linked below is interesting - I hadn't heard of it.  Individuals broke into a substation, cut fibers and thus 911 services, and then fired 100+ rounds from automatic weapons into transformers.  The transformers leaked and shut down due to overheating.  Quite possibly a training run given the nature of the attack.

British/New Zealand study - More Frequent And Severe Blackouts In The Coming Years

A redorbit article came out a few days ago talking about a joint British/New Zealand study.  Interesting article notes:  

- three quarters of American transmission lines are more than 25 years old.  

- The study said American household electrical power usage is up by 1,300 percent from 1940 to 2001.  

- “It is estimated that energy demand for air conditioning in 2100 will be 40 times greater than it was in 2000, and alongside this, there is also an ever-increasing market for electric vehicles. Western societies therefore face a significant social problem,” Byrd said.

Electric Grid Security

I never gave much thought to electricity until I read the book One Second After.  That got me thinking about what would happen if the electricity went out.  While at the National War College as a student, I had the opportunity to write a few papers, so I used this general topic for some of them.  I'm currently working a larger paper for Spring 2014 as a writing elective, with this as the topic.  Here I'll record what I've found, and also continue keeping track of electric grid security events.