The Reality of POWER GRID VULNERABILITIES
Peter Salerno, NCSO, COSS
NERC Certified Trainer of Electric Transmission System Operations
A successful cyber-attack on a power grid is a nightmare that keeps intelligence services and security experts awake at night. The threat’s no longer theoretical: hackers brought down a grid in Ukraine a year ago. The vulnerability they used? As so often with hacking, a breakdown in awareness and a posture that was reactive rather than proactive.
The engineered blackout scenario is so real and the reality of the aftermath can be so terrifying that the former ABC “Nightline” host, Ted Koppel, recently published a book about it. In his book “Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath,” Koppel claimed the United States was unprepared for an attack: “If an adversary of this country has as its goal inflicting maximum damage and pain on the largest number of Americans, there may not be a more productive target than one of our electric power grids.”
What happens after a threat like this becomes a reality? Brace yourselves. After the grid goes down from a significant EMP event, power will remain unrestored for up to 6 months. Electric substations, along with most water treatment facilities, with damaged or destroyed digital relay systems will be ill-prepared to get back online with the backbone of the grid and water filtration systems for several months. The groceries stocked at grocery stores and so conveniently available to most Americans will disappear in as few as 6 days. Anarchy will ensue within a week, and within 3-6 months, one third of the population of the United States affected by the prolonged blackout will most likely perish.
Still have doubts that it could ever happen or be so catastrophic?
- It was 3:30 p.m. last December 23, 2016, and residents of the Ivano-Frankivsk region of Western Ukraine were preparing to end their workday and head home through the cold winter streets. Inside the Prykarpattyaoblenergo System Control Center, which distributes power to the region’s residents, operators too were nearing the end of their shift.
- But just as one worker was organizing papers at his desk that day, the cursor on his computer suddenly skittered across the screen of its own accord.
- He watched as it navigated purposefully toward buttons controlling the circuit breakers at a substation in the region and then clicked on a box to open the breakers and take the substation offline.
- A dialogue window popped up on screen asking to confirm the action, and the operator stared dumbfounded as the cursor glided to the box and clicked to affirm. Somewhere in a region outside the city he knew that thousands of residents had just lost their lights and heaters.
- The operator grabbed his mouse and tried desperately to seize control of the cursor, but it was unresponsive. Then, as the cursor moved in the direction of another breaker, the machine suddenly logged him out of the control panel. Although he tried frantically to log back in, the attackers had changed his password, preventing him from gaining re-entry.
- All he could do was stare helplessly at his screen while the ghosts in the machine clicked open one breaker after another, eventually taking about 30 substations offline.
- The attackers didn’t stop there, however. They also struck two other power distribution centers at the same time, nearly doubling the number of substations taken offline and leaving more than 230,000 residents in the dark.
- And as if that weren’t enough, they also disabled backup power supplies to two of the three distribution centers, leaving operators themselves stumbling in the dark.
Whatever the intent of the blackout, it was a first-of-its-kind attack that set an ominous precedent for the safety and security of power grids everywhere.
The operator at Prykarpattyaoblenergo could not have known what that little flicker of his mouse cursor indicated for that day. But now the people in charge of the world’s power supplies have been warned. This attack was relatively short-lived and benign.
The next one might not be.
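The operator-side signs in the account above (breakers opened at one substation after another from a single session, then the operator's own password changed) can be expressed as a detection rule. The sketch below is an added example, not part of the original article; the log format, account names and thresholds are assumptions, the sample events are constructed, and the log is assumed to be in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical HMI audit-log format:
# ISO timestamp|operator account|action|target
SAMPLE_LOG = """\
2024-01-15T15:30:05|op_day1|BREAKER_OPEN|substation-01
2024-01-15T15:30:40|op_day1|BREAKER_OPEN|substation-02
2024-01-15T15:31:10|op_day1|PASSWORD_CHANGE|op_day1
2024-01-15T15:31:30|op_day1|BREAKER_OPEN|substation-03
2024-01-15T15:32:00|op_day1|BREAKER_OPEN|substation-04
2024-01-15T16:10:00|op_day2|BREAKER_OPEN|substation-09
2024-01-15T18:45:00|op_day2|BREAKER_OPEN|substation-09
"""

def parse(log_text):
    """Yield (timestamp, account, action, target) for each non-empty line."""
    for line in log_text.strip().splitlines():
        ts, account, action, target = line.split("|")
        yield datetime.fromisoformat(ts), account, action, target

def detect_breaker_sweeps(log_text, window=timedelta(minutes=5), min_substations=3):
    """Alert when one account opens breakers at several distinct substations
    inside one time window. Severity is 'critical' if that account's password
    was also changed inside the window (the lockout the operator experienced)."""
    recent = defaultdict(deque)  # account -> events still inside the window
    alerts = {}                  # account -> alert, updated as the sweep grows
    for ts, account, action, target in parse(log_text):
        events = recent[account]
        events.append((ts, action, target))
        while ts - events[0][0] > window:   # drop events older than the window
            events.popleft()
        opened = {t for _, a, t in events if a == "BREAKER_OPEN"}
        if len(opened) < min_substations:
            continue
        alert = alerts.setdefault(account, {"account": account, "first_seen": ts,
                                            "substations": set(), "severity": "high"})
        alert["substations"] |= opened
        if any(a == "PASSWORD_CHANGE" and t == account for _, a, t in events):
            alert["severity"] = "critical"
    return list(alerts.values())

if __name__ == "__main__":
    for alert in detect_breaker_sweeps(SAMPLE_LOG):
        print(alert["severity"], alert["account"], sorted(alert["substations"]))
```

Routine switching by op_day2 at a single substation stays below the threshold, so only the multi-substation sweep raises an alert.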
The Ukraine Blackout is a perfect example of how cyber terrorism can open a backdoor into the grid-control systems that could provide hackers with remote access. More specifics of the event came from the Bratislava-based cyber-security firm ESET. The firm essentially tied the 12/23/16 Ivano-Frankivsk outage to a known piece of malware, the BlackEnergy trojan. In 2014, the US government’s Industrial Control Systems Cyber Emergency Response Team discovered a variant of BlackEnergy that could be used to compromise industrial-control systems, such as those running power grids.
ESET made this statement following the Ukraine Blackout: “We can assume with a fairly high amount of certainty that the described toolset (BlackEnergy Trojan) was used to cause the power outage in the Ivano-Frankivsk region.”
BlackEnergy is probably a Russian-made weapon. That this weapon has been honed to turn out the lights for large portions of a country is bad news. If it can be used in Ukraine, it can be employed anywhere. That includes the United States, where the Islamic State is reportedly already trying to hack the power grid, but failing due to a lack of the necessary technology. Keep in mind: if the technology capable of bringing down power grids exists, it can leak or be intentionally leaked to anyone who might need it.
Power-grid computer systems can’t be taken off the Internet because the grids depend on software that constantly monitors the balance of electricity demand and supply. That makes them vulnerable by definition: If you have an Internet-connected system, people have access to it, and there’s a potential problem.
The only way to prevent incidents like the hours-long Ivano-Frankivsk blackout is to train energy-company employees in the safe use of e-mail (or even make it impossible for them to open attachments); make sure ex-employees cannot help criminals gain access to the corporate systems; and promote energy independence to citizens.
The obvious best way to prevent these incidents is to talk about them, and to educate Americans about the threat and the prevention and mitigation methods.
Semi Retired ... still 'volunteering' ...
7 years ago: There was a Congressional Research Service report on this issue, which I shared some time ago (maybe Todd still has the link to it???)
Keynote Speaker, Executive Coach, Trainer. President and CEO of Think Tank Project LLC, (Thinkprojectllc.com/speaking) Change Agent, Medical Professional, Electric Utility Professional, CUSP, RN, NRP, DIMM, Adventurer
8 years ago: Imagine a cyber attack in the middle or beginning of a major storm or hurricane! We wouldn't know whether the outage is storm damage or cyber attack. Frightening!