The vulnerability of the US power grid is finally being heralded as a pressing domestic security concern within the federal government, but it took the owner of a private technology firm to wake up officials.
Tech expert Adam Crain once felt that it would be virtually impossible for cyber hackers to tap into power grid computer networks and cause a problem such as a widespread blackout, The Los Angeles Times reported. But once he and those around him began looking into it, they were shocked to discover it was surprisingly easy.
The Raleigh, North Carolina, tech firm owner informed officials at the Department of Homeland Security (DHS) of his findings, and they began rushing to address the issue.
DHS administrators shared the bad news with utility security officials and started sending alerts to power grid operators urging them to upgrade their software. Crain remained focused on the power grid cyber attack issue, seeking new security lapses which could allow both ordinary computer hackers and enemies of America to exploit.
‘Stages of Denial’
“There are a lot of people going through various stages of denial (about how easy it would be to take down the grid), he told the newspaper. “If I could write a tool that does this, you can be sure a nation state or someone with more resources could.”
Meanwhile, an insurance company may have issued the most telling report.
Lloyd’s of London has a longstanding reputation for insuring a number of risky or odd items, such as the legs of an actress or the voice of famous singers such as Bruce Springsteen, Rod Stewart and Bob Dylan. But the company is not willing to extend a policy to about half the nation’s power companies.
Energy Sector Security Consortium Founder Patrick Miller said, “When Lloyd’s won’t insure you, you know you’ve got a problem.”
Just last year, Lloyd’s issued a report warning that a major solar storm could knock out power worldwide for months or years.
“We are estimating that 20-40 million people might be without power from anywhere up to one, even two years,” one of the report’s co-authors told Voice of America. “That has to do with the critical issue of replacement transformers. That number of people without power could result in an economic cost somewhere between $0.6 trillion to $2.6 trillion.”
Companies Fighting One Another
Territorial angst has also been noted as an obstacle to developing a feasible and enforceable plan to harden the power grid from a cyber attack. Energy industry and federal law enforcement officials have reportedly pointed fingers at one another over the issue, claiming the other is behaving in an evasive and territorial manner and unwilling to share intelligence and incident reports concerning the power grid, the Times said.
“The notion of a single government agency giving an order to direct changes in the grid is extremely dangerous,” said North American Electric Reliability Corporation Chief Executive Gerry Cauley.
The companies themselves deny claims they have ignored power grid vulnerabilities and point to the “billions of dollars” already spent to upgrade computer systems and “security loopholes.”
Last year, the grid’s reliability barely passed in a report card issued by the American Society of Civil Engineers (ASCE).
The American Society of Civil Engineers power grid grade card rating means the energy infrastructure is in “poor to fair condition and mostly below standard, with many elements approaching the end of their service life.” It further means a “large portion of the system exhibits significant deterioration” with a “strong risk of failure.”
Do you think the power grid is vulnerable? Let us know in the comments section below.