Electric-Grid Attack Fuels Sniper-Versus-Hacker Debate
U.S. energy regulators’ efforts to harden the power grid against snipers and terrorists are fueling a debate over whether they’re diverting resources from other threats, like cyber attacks.
The Federal Energy Regulatory Commission last week ordered the power industry to identify critical facilities and come up with a plan to protect them from attack.
“My concern is that we don’t shift our focus and our resources,” said John Norris, a FERC commissioner who voted for the order while cautioning against overreacting to the sniper attack last year on a power substation in California. “The rush to do this seems to be based on a very incomplete set of facts about what happened.”
As the electricity network has become increasingly dependent on software and the Internet, the utility industry has focused on combating potential cyber attacks. The April attack at PG&E’s Metcalf substation near San Jose resurrected a 20th century threat -- an old-fashioned, military-style assault on the power network.
Regulators are now trying to find the best way to guard against all threats to the generators, transformers and thousands of miles of high-voltage power lines that make up the U.S. electric grid. They’re also trying to encourage modernization of the aging network.
Norris said the U.S. should focus on technologies, like the development of microgrids, that can quickly isolate damaged components from the rest of the network in the event of an attack. Advanced technologies can also make better use of data to improve awareness of incidents affecting the grid, he said.
“You address multiple threats, not just physical threats,” Norris said. At at FERC meeting on Feb. 20, he said, “Our future is in a much smarter and more nimble grid.”
Former FERC Chairman Jon Wellinghoff for years has warned that the grid’s most critical components, such as transformers that adjust electrical voltage, are vulnerable and could be better protected with relatively simple measures, like improved fencing.
An attack knocking out major critical components “would result in catastrophic failure, potentially, of the interconnect,” Wellinghoff said by phone.
Wellinghoff said he also favors measures to prevent cyber attacks and other threats, and supports the FERC’s March 7 order. It requires the North American Electric Reliability Corp., a non-profit organization responsible for ensuring the reliability of the grid, to produce by June standards to guard against physical attacks. The standards should require utilities to identify their most critical components and show that they’re adequately protected.
“It was a good step to take, ultimately,” Wellinghoff said. “We’ll see what NERC does and how long it takes.”
NERC Chief Executive Officer Gerry Cauley said he shares Norris’s concerns about overreaction to the California attack, while other incidents, from ice storms to potential cyber attacks also pose threats, and utilities will eventually pass along many costs to consumers.
“Where it could get really expensive and challenging is whether you need stronger barriers like walls” and other protections around transformers, he said in a phone interview. “You wonder which ones are so critical it would warrant that.”
Cauley said utilities can increase physical security by improving existing protections like lighting, cameras, surveillance equipment and key-card access at substations. The California incident showed that companies need to be concerned about the line-of-sight for potential shooters, he said.
“I would like the standard to drive a more heightened look than what we’ve seen in the past,” Cauley said.
After rifle-toting attackers shot up PG&E’s Metcalf substation near San Jose on April 16, the FERC provided the industry with a list of steps to improve security at substations, said Tom Kuhn, president of the Edison Electric Institute, a Washington-based industry group for publicly traded utilities including Duke Energy Corp. and Exelon Corp.
The list hasn’t been made public. FERC spokeswoman Mary O’Driscoll declined to acknowledge its existence. EEI spokesman Jeff Ostermayer said in an e-mail he couldn’t provide the list “for operational security reasons.”
Disabling as few as nine electricity substations and destroying a transformer manufacturer could plunge the nation into a blackout that would last for 18 months, the Wall Street Journal reported yesterday, citing an internal FERC report.
Acting FERC Chairman Cheryl LaFleur didn’t deny the existence of the report, though she said in a statement that publishing sensitive information “crosses the line from transparency to irresponsibility, and gives those who would do us harm a roadmap to achieve malicious designs.”
Executives from the power industry in recent months have met at least 10 times with officials from the U.S. Energy Department, Homeland Security Department, Federal Bureau of Investigation and local law-enforcement agencies to discuss improving security at electric substations, Kuhn told editors and reporters at Bloomberg’s New York headquarters last month.
He said safety measures include outfitting grid components with additional security technologies and establishing closer ties with local police. In November, more than 2,000 representatives from utilities and government agencies participated in a NERC-run, grid-security exercise.
“I don’t think we could be taking it any more seriously,” Kuhn said.
San Francisco-based PG&E plans to spend $100 million in the next four years to bolster its network against further attacks, said Brian Swanson, a company spokesman. While the April attack disabled transformers at the substation, the company was able to prevent customers from losing power, he said. The utility has since worked with law enforcement to increase patrols and deployed security guards to provide a round-the-clock presence at critical units, Swanson said.
“I can’t get into every security measure we’re doing,” he said in a phone interview. Swanson did say PG&E is building buffer zones around major substations with opaque fencing; it has removed vegetation to eliminate potential hiding places for would-be attackers; and it has installed more lighting, cameras and security systems to detect intruders.
“The industry’s focus is risk management, not risk elimination,” Courtney Nogas, a spokeswoman for Washington-based Pepco Holdings Inc., said in an e-mail. Pepco has in place multiple layers of protections for its network, she said, while declining to say what steps the company has taken for security reasons.
Dominion Resources Inc., Virginia’s largest power company, said it plans to spend as much as $500 million during the next five to 10 years to improve physical security at its power stations. The upgrades include two layers of perimeter security, fences that can’t be climbed and card-key access for its substation yards, the company said in a publication for investors this month.
Ultimately, the steps industry and regulators take to guard against physical attacks will be a balancing act between securing the grid and shielding consumers from high costs. The FERC must approve rate changes resulting from investments to the generators and high-voltage power lines that make up the bulk-electric network.
The U.S. should remain vigilant about other threats, including natural disasters, cyber attack and geomagnetic disturbances as it considers these expenses, Norris said in his statement supporting FERC’s order.
“We simply cannot erect enough barriers to protect North America’s over 400,000 circuit miles of transmission, and 55,000 substations,” he wrote, acknowledging that some substations may need more physical barriers.
According to Wellinghoff, there are probably fewer than 100 power substations, primarily in rural areas, that are most critical to the network and may need heightened protection. While costs would vary among substations, the expense would be minimal if spread among taxpayers, he said.
“They should be spread over everybody because it affects everybody,” he said.
To contact the reporter on this story: Brian Wingfield in Washington at email@example.com
To contact the editors responsible for this story: Jon Morgan at firstname.lastname@example.org Steve Geimann