In today’s thoroughly interconnected world, everything is hackable. Everything can be targeted and compromised by cyber attackers if they have enough skill and resources. When hackers compromise our personal computers, we get annoyed because of the inconvenience and possible financial loss that causes. When cyber attackers target our democratic systems, we lose faith in our representatives and structures and slowly lose our ability to govern. When hackers aim for our electrical grid, however, our way of life comes to a halt immediately, causing inconvenience and financial distress, but also imperiling life. The consequences of having our electrical grid hacked are alarming.
Electrification was rated the top engineering achievement of the 20th century. The electrical grid carries electricity at high voltage hundreds of miles from where it is generated to where it is consumed. The physically open and geographically expansive nature of the grid alone makes it a prime target for would-be terrorists, since there are so many points where a physical attack could disrupt the flow of power. In fact, Mother Nature herself sometimes provides the disruptive force, knocking down power lines and striking components with a jolt of her own electricity.
The grid continues to deliver electricity to us because it was designed to be resilient: there are many paths by which electricity can get to us. If one path is damaged by a tornado, another parallel path can carry electrons to where they are needed. There are limits to this, of course. Just as a clogged drain causes water to back up in a tub, an outage along one path will cause congestion on its parallel routes. Like an accident causes a traffic jam, an electrical outage causes overloads. The problem worsens when those overloads on parallel paths cause damage to those paths, because then the grid starts to run out of options for carrying electricity where it needs to go.
A coordinated cyber attack against the grid would purposely select a set of paths to compromise that would eventually make it impossible to carry electricity to where it is needed. By targeting parallel paths that ordinarily provide alternative routes for each other, the attacker could plunge an area into darkness by isolating it from electrical supply. Think of such an attack as a tornado with a plan, acting not only to stress the grid randomly, but to interrupt it strategically for maximum impact.
Utility industry professionals and cyber security and power engineering researchers are working hard to counteract these kinds of nefarious advances. It is not an easy task. The grid has become increasingly computerized over the years to eke more power-carrying capacity out of it. Our demand for electricity keeps growing, but physical, environmental, and financial constraints make it difficult to expand the grid accordingly. So, we rely more and more on automation to increase the grid’s ability to carry power without augmenting its footprint. Automation, however, expands the hacker’s attack surface, creating additional targets to attack.
The electrical grid will never be completely impervious to hacking. I believe we have to acknowledge the inevitability of a successful cyber attack against the US electrical grid. The question therefore shifts to how to limit its impact.
To limit the impact of a successful attack against the electrical grid we must
- Decentralize: The current grid uses transmission lines that stretch hundreds of miles to carry electricity from remote generating stations to where it is consumed. We need to integrate far more local sources of electricity, ones that can serve individual neighborhoods and districts at least as a long-term backup. Renewable energy sources like wind and solar, and architectures like microgrids, will play a role here.
- Communicate: When an attempted cyber attack is detected, utilities must share, in real time, detailed information about the attempted attack so that, together, they can recognize it and protect against it in a coordinated manner. Right now, this communication doesn’t take place nearly as readily or as immediately as it should. Grid operators must work transparently together to guard against attack and minimize its consequences.
- Isolate: The computer equipment that automates portions of the grid cannot use commodity-grade protocols and components. Hackers are thoroughly familiar with how to compromise more commonplace network and computing appliances. The grid must work with vendors to create more specially hardened devices designed for the unique challenges and heightened stakes of critical infrastructure operations.
None of these three tasks is easy or inexpensive. When our best hope isn’t to avoid cyber attack but to limit its impact, we have to make the sacrifices these initiatives require.