Don’t have enough to worry about today? Some experts believe that an attack on the electrical grid—not just for a company, but for the entire country—is only a matter of time.
Since the technology we all depend on is typically predicated on having the power to run it, this concerns some people.
“The Department of Homeland Security identifies 16 ‘critical infrastructures’ supporting the U.S. economy, but the electric grid is the most basic — everything else from medicine to finance to transportation depends on it,” writes Loren Thompson in Forbes. “Thus, it is the most ‘lucrative’ target for hackers seeking to achieve devastating effects.”
Some believe it’s already happened. “Hackers have gained access to an aging, outdated power system,” write Garance Burke and Jonathan Fahey for the Associated Press. “Many of the substations and equipment that move power across the U.S. are decrepit and were never built with network security in mind; hooking the plants up to the Internet over the last decade has given hackers new backdoors in. Distant wind farms, home solar panels, smart meters and other networked devices must be remotely monitored and controlled, which opens up the broader system to fresh points of attack.”
In fact, a multiple-hour blackout in the Ukraine in December is now thought to have been caused by a coordinated hacking attack, writes Paul Roberts in the Christian Science Monitor.
Because the U.S. power grid is supplied by a variety of local, state, and regional companies, it is considered more vulnerable to such an attack because standards vary between the different operators, Thompson writes. While in some ways, this decentralized architecture actually makes the grid harder to attack, the lack of a central monitoring system can make such an attack harder to spot, he adds.
The University of Arkansas has received a $12.2 million grant from the U.S. Department of Energy—itself a target of many hacking attacks—to develop a research center devoted to cybersecurity for electric power utilities. This is part of an effort from the Obama administration to help protect the electrical grid.
On the other hand, some pooh-pooh hacking concerns, saying that squirrels or even the sun itself is a bigger threat to the electrical grid than hackers are. “According to a former deputy director of the National Security Agency, the biggest threat to the US power grid isn’t a cyberattack at all. It’s a squirrel,” writes C. Thomas in the Christian Science Monitor. “Yes, squirrels and other animals cause hundreds of power outages every year.” In comparison, only one confirmed infrastructure cyberattack has resulted in physical damage, he continues.
“[W]e logged over 300 events in 2015 worldwide,” notes Cyber Squirrel, the pseudonym of a person who tracks squirrel (and bird, snake, and beaver)-related power outages. “Think of how large the number really is. And we sit here and worry about cyber Armageddon? We experience ‘Armageddon’ every day…. Now does that mean power companies are perfectly safe from the cyberz? Absolutely not. There is definitely some risk there and as a national security issue it is an issue that needs attention. Just nowhere near the attention that [it] has been getting from the cyber war hawks.”
And the sun itself? In 1859, a gigantic solar flare became known as the “Carrington Event,” after the man who discovered it, and wreaked havoc all over the world. “It was so powerful that it triggered colorful auroras that could be seen as far south as the tropics and made telegraph systems worldwide go haywire,” writes Danny Lewis in Smithsonian. “Some telegraph operators reported being shocked by electrical discharge and witnessing telegraph paper catch fire.”
Keep in mind that the Carrington Event happened before electricity was widely used. Today, such an event could devastate the world, writes Richard Lovett in National Geographic News. “Power surges caused by solar particles could blow out giant transformers,” he writes. “Such transformers can take a long time to replace, especially if hundreds are destroyed at once. The eastern half of the U.S. is particularly vulnerable, because the power infrastructure is highly interconnected, so failures could easily cascade like chains of dominoes.” The result could be cities without power for months, with losses measured in the trillions of dollars, he warns.
Whether it’s hackers, squirrels, or coronal mass ejections, the point is that it’s a good idea to take steps to have other power options available and to protect vulnerable equipment from electronic fluctuations.
- If your organization has access to the grid itself, perhaps because you’re a utility company, ensure that all the equipment attached to it—including sensors and other “Internet of Things” components—frequently updates its passwords and software. Also protect the sensors and other components from physical access —including from squirrels. (For example, utility companies are installing “squirrel guards” on telephone poles.)
- Make sure your various contractors and other third-party suppliers follow these guidelines as well. In a number of cases, hackers have used this avenue to gain information.
- Otherwise, prepare for it just like you’d prepare for any other potential power failure.
Perhaps lay in a few squirrel traps, just in case.
Simplicity 2.0 is where we examine the intricate and transitory world of technology—through a Laserfiche lens. By keeping an eye on larger trends, we aim to make software that’s relevant to modern day workers, rather than build technology for technology’s sake.
Subscribe to Simplicity 2.0 and follow us on Twitter. If what we’re saying piques your interest, head over to Laserfiche.com where you’ll see how we apply the lessons learned on Simplicity 2.0 to our own processes, products and industry.