A recent power outage in Washington D.C. brought the weakening state of the U.S. power grid, which is now vulnerable to cyberattacks, to the attention of many. While some affected locations had their power restored within a couple hours, for some it took days to get back to normal. What leads to these kinds of outages? According to Darren Hammell, chief strategy officer and co-founder of the energy management firm Princeton Power Systems, it's due to outdated infrastructure.
"[The power grid] is very vulnerable, whether its physical attacks, mistakes like this one or even cyberattacks … there have been a lot of high visibility outages lately and there are just more we can expect," said Hammell.
The Energy Department has used the Recovery Act to invest up to $100 million into upgrading the U.S. power grid since 2010. But, given its current state, it's still vulnerable to cyberattacks that could affect the entire country. One of the main reasons that the power grid is difficult to manage is that it's comprised of 450,000 miles of high voltage wiring that's located in multiple places at once.
"It enables you to shut down very segmented, very tailored parts of our infrastructure that forestall the ability to provide that service to us as citizens," said Admiral Michael Rogers when speaking of software detected in China that could shut down the U.S. power grid in November of last year. Rogers, the head of the National Security Agency and U.S. Cyber Command says that it's a matter of time "when, not if we see something traumatic."
There are reportedly "two or three" countries with the capabilities to intentionally damage the U.S. power grid by exploiting its shortcomings.
The need to upgrade
"We've taken an infrastructure that is older and we have this modernized equipment on top of it that is vulnerable to the same type of hacking attack that you see with [companies] like Target," said Jonathan Pollett.
Pollett said he feels that there will be a focus on increasing the cybersecurity measures of the grid in the next few years that will look to improve "perimeter protection, intrusion detection, and intrusion response … this will allow the [system] to be more robust from a cyber threat."
Perhaps using a system that would immediately inform them of any signs of a cyberattack would be a wise investment for those responsible for the power grid.
Cybersecurity news and analysis brought to you by ArcticWolf, inventors of firebreak detection and response security services. FireBreak, when your firewall fails.