Friday, January 1, 2016

Cybersecurity and the Power Grid

Inspired by Emma's post, I've decided to write a bit on something I've read recently: Ted Koppel's book, Lights Out. His novel seeks to reveal many of the nation's gaping holes regarding cybersecurity and defense, both in terms of policy, infrastructure, and mindset. This is my attempt to boil it down to what I found were its more interesting (haunting?) points. Yes Mr. Silton, this is a bit of a preview to my research paper (it honestly barely scratches the surface).

The Power Grids of America (3)

Thanks Prep and Be Ready

No, your eyes don't deceive you. The US is powered by three power grids; one for the East, one for the West, and one for, well, Texas (because why not?). Jokes about Texas seceding from the Union aside, one big what if comes to mind:

What if one of the big grids went down entirely?

Well I sure hope you weren't thinking "The government knows how to handle that!" because the truth is they don't. In Koppel's book, he goes around interviewing top level officials, including Craig
Fugate, the Federal Emergency Management Agency's administrator. In addition to an explanation as to the logistical and resource nightmare that is sustaining several millions of individuals for a prolonged period of time (weeks into months), his overall outlook on the situation is best summed up in his final quote (of the chapter):

"We [would be] trying to hang on and keep as many people [as possible] from dying until the system comes back" (118).

Not exactly a statement of reassurance, is it now?

But perhaps I should back up, because the question that comes before this has even more depressing answers.

The Power Grid's Cybersecurity (and Structural Integrity)

I'm going to preview this section with a brief summary of power distribution. Imagine electricity like a resource that has to be moved from point A (generation) to point B (distribution). Now imagine that the transmission lines (seen above) are like a giant railway system that connects these points. This railway analogy illustrates the need to schedule power distribution (like trains on a line) (37), and helps to make Koppel's point about how important the integrity of such infrastructure is.

If hackers were able to worm their way into the system, they could cause irreparable damage not only by taking out the programs that manage the system, but damage the physical infrastructure itself by overloading both the lines and the transformers. And while the security protocols seem air tight on the surface (nothing is connected to the web that directly controls the power), all it takes is one mistake, one infected USB brought into work, and that "air boundary" disintegrates.

This part gets a bit technical, so I'll leave a TL;DR at the end.

DTE Energy's new, 884,000 pound LPT 

Transformers are important for managing power; in order to transfer power from say Florida to Michigan, it needs be done at an extremely high voltage. The voltage is no joke, as power lines can be seen sagging under the weight of the electricity at peak transmissions. Cue the large power transformers (LPTs), which are used to both "step up" and "step down" said voltages. LPTs, as important as the might be, are custom built to fit each power company and are gigantic in size and weight (400,000 to 600,000 pounds); roads have to be closed, special train carts need to be used, and bridges inspected just to transport ONE of these things. Needless to say, replacing these things is difficult. And while the exact number of these in use is considered a business secret, estimates range in the tens of thousands (95).

Now let's destroy a couple hundred by sabotage, and watch the ensuing chaos.

Oh and the production time? One to two years, "and never less than six months" (95).

TL;DR: Large complicated power transformers are hard to produce and replace; a powerful attack could destroy thousands, and then the government would be floundering as it attempted to restore power by building them.


This might have been a bit ranty/ based on one source of information. I could be cited for being paranoid, easily swayed, or both. And yet there is something eerie about Koppel's citation from George Cotter's paper Security in the North American Power Grid-A Nation at Risk:

This [electric power] industry is simply unrealistic in believing in the resiliency of this Grid subject to a sophisticated attack. When such an attack occurs, make no mistake, there will be major loss of life and serious crippling of National Security capabilities. [Emphasis added.] (225)
That's enough to make me take pause; what about you?

Koppel, Ted. Lights Out: A Cyberattack, a Nation Unprepared, Surviving the Aftermath. New York City: Crown, 2015. Print.

1 comment:

Kate Holland said...

Thank you for the post, Scott.
Thankfully, our worst threats are also the least- equipped actors, so I do not think that we need to live in fear of some impending doomsday, but the US should put safety first and put more effort into securing the system in case our enemies acquire more advanced capabilities.

Although China and Iran are mentioned in the post, I think it would be highly unlikely that either would commit a large- scale attack on the US grid because both countries depend too much on the US economy. Any large scale attack like one mentioned in the article would hurt the global economy, and if China/ Iran committed such an attack, the US would punish them economically (ie. sanctions) and possibly militarily. Even if the countries may disagree with our foreign policy stances— China on the east and south China sea, Iran on Israel— any US backlash would not be worth an attack. Exports to the West/ the US are crucial parts of both China’s economy and Iran’s economy (oil exports). Most attacks that Russia and China perpetrate on us not intended to harm the country, but to steal information that is useful to them (eg. product designs and military information so they don’t have to do their own research).

As for North Korea, they are so isolated economically that that may not be as much of a deterrent. Thankfully for the US, the country does not have much in the way of tech talent and is isolated from the rest of the world in terms of the flow of people and information, so their capabilities are limited. The DPRK has been trying (and failing) to get their missile program off the ground for years and have not had much success (with the exception of Sony) with conventional cyberattacks in the way China and Russia have, so they are not as advanced. Compare one attack on Sony to China stealing US military weapons designs— huge difference.

Terrorist groups like ISIL (or domestic terrorists) would certainly want to perpetrate such an attack. According to this CNN article*, ISIL has already tried to hack our energy grid, but has failed. A chief at the FBI’s cyber division quoted in the article determined that ISIL has “low capability” as of now, although they could buy software on the blackmarket to help them. The article also mentions that since there are differences across the grids, different types of attacks might be needed to spread an attack on one power plant to another.

This means either (a) we are not as defenseless as portrayed in the book or (b) the book is assuming that the threats we face will become more advanced than they currently are.

I do think that ISIL is an issue, especially since they recruit from across the globe, so unlike North Korea, they could get more people experienced with technology who might be able to attack the system. It is worrisome that they have already discovered that they can attack the US grid, and hopefully our government will secure their systems to stay one step ahead of them.