Infrastructure protection

Making the grid smarter makes it more vulnerable to hackers

Published 25 March 2014

The U.S. electric grid is constantly under attack despite attempts by utilities to boost physical security and cyberdefenses. In 2013 a DHS cyber emergency team responded to more than eighty incidents involving energy companies. “If you’re a utility today, depending on your scale, you’re under attack at this moment,” says Robert Weisenmiller, chairman of the California Energy Commission.

The U.S. electric grid is constantly under attack despite attempts by utilities to boost physical security and cyberdefenses. Regulators have increasingly focused on physical security of the grid since last year’s attack on a Pacific Gas and Electric Co. substation in San Jose, California, where unknown attackers cut telephone lines to the Metcalf substation, then disabled seventeen transformers with precise gunfire. Cyberattacks, however, are becoming more of a concern.

Government Technology reports that in 2013 a DHS cyber emergency team responded to more than eighty incidents involving energy companies. “If you’re a utility today, depending on your scale, you’re under attack at this moment,” said Robert Weisenmiller, chairman of the California Energy Commission.

Efforts by utilities to make the electric grid “smarter” by deploying sensors, automation, and communications technology have created new ways for hackers to sabotage the electric grid; and while cybersecurity spending has increased to eliminate some weaknesses in the smart grid, the threat still remains. Smart meters still operate side by side with old and sometimes outdated hardware systems.

“There are some very good hackers out there, and they’re not going to take ‘no’ for an answer,” said Andy Saunders, managing consultant for the IOActive smart grid security firm. “They’re going to keep throwing things at these devices and systems.”

A 2013 congressional survey of more than 150 utility companies revealed that at least one utility was the target of roughly 10,000 attempted cyberattacks each month; and more than a dozen utilities reported daily, constant, or frequent attempted cyberattacks including phishing, malware infection, and unfriendly probes.

Representative (now Senator) Edward Markey (D-Massachusetts) and Henry Waxman (D-California) wrote in response to the survey that although the utilities did not report damage to any of their computer systems, “there did not appear to be a uniform process for reporting attempted cyberattacks to the authorities; most respondents indicated that they follow standard requirements for reporting attacks to state and federal authorities, (but they) did not describe the circumstances under which these requirements would be triggered, but largely indicated that the incidents they experienced did not rise to reportable levels.”

Despite calls for Congress to provide a federal entity with the necessary authority to ensure the grid is protected from cyberattacks, there has yet to be a government entity with that authority, Markey and Waxman wrote.

Eliminating the threat of cyberattacks is impossible. Instead, utilities must continue to explore new ways to prevent attacks, respond to them, and share information about them with federal agencies and fellow utilities. Scott Aaronson, senior director for national security policy at the Edison Electric Institute, said some utilities are deploying the government-funded Cybersecurity Risk Information Sharing Program, which monitors utility networks for signs of hacker activity using unclassified and classified information to identify threats. Reports of new malware can then be shared with government agencies and utilities.