Infrastructure threatsAttack on California power station heightens concerns about grid security

Security experts are concerned that last year’s attack, which is yet to be solved, on an electrical-power substation in San Jose, California, is but a prologue to similar attacks which, if executed simultaneously and in a coordinated fashion against several such substations, could cripple the U.S. power grid.

The Wall Street Journal on Wednesday offered a detailed report on the 16 April 2013 incident at the Metcalf transmission station in San Jose.

The transformers at the substation, vital for regional power distribution, were shot at by several gunmen and disabled for twenty-seven days.

The Washington Post reports that the attack did not cause major power disruptions because officials were able to reroute electricity around the damaged substation.

What is especially worrisome, security exert note, is that the attack appeared to have been carried out by people with some training, although the FBI said the agency does not think it was the act of terrorists. The Journal notes that shell casings left at the scene had no fingerprints on them, and investigators notices piles of small rocks near the point from which the shooters fired their weapons, indicating that a scouting team may have watched the power station before that shooting.

The attack began with at least one person entering an underground vault to cut telephone cables. The attackers then fired more than 100 shots, disabling seventeen transformers. The attack lasted fifty-two minutes, indicating that the shooters, based on their scouting of the area, knew they would not be noticed or disrupted.

“It’s still an ongoing investigation,” Brian Swanson, a spokesman for Pacific Gas and Electric (PG&E), which owns the substation, told the Post. “We’re not going to speculate as to the possible motive before the investigation is complete.”

The Journal’s account relied on analysis from Jon Wellinghoff, a former chairman of the Federal Energy Regulatory Commission (FERC). Wellinghoff, who now works for a San Francisco law firm, told the Journal that the attack was “the most significant incident of domestic terrorism involving the U.S. power grid that has ever occurred.”

Transformers such as those disabled in the attack are an essential and difficult-to-replace component of the national electrical grid.

The Post notes that in recent years, much of the concern about the safety of the electrical grid focused on cyberattacks, but the California attack was a demonstration that inflicting physical damage on a substation could be disruptive. An attack on any one substation may be compensated for by rerouting power, but the worry is about several such substations, especially if they are located in the same region, attacked at the same time, an event which would likely result in partial collapse of the grid and long blackout periods.

A 2012 report by the National Research Council found that high-voltage transformers “are the single most vulnerable component of the transmission and distribution system” (see “U.S. electric power grid “inherently vulnerable” to terrorist attacks: report,” HSNW, 16 November 2012).

“This has been the principal thing that has worried a lot of us, about vulnerability of the power system. Because transformers, especially the higher-voltage ones, tend to be very unique. They’re very hard to replace. And they’re very vulnerable,” M. Granger Morgan, a professor at Carnegie Mellon University who led the council’s study, told the Post said in a telephone interview.

“It’s probably a more serious issue than the cyber concerns,” Morgan said. “With cyber, it’s really hard to see that you could do much that caused long-term, serious damage. Whereas this is a strategy that could really mess up the power system not just for weeks, but for months at a time.”

Republican-led House Energy and Commerce Committee said Wednesday that lawmakers continue to follow the probe and that protecting the grid remains a top priority.

“We are aware of the attack and continue to monitor the investigation closely,” a committee spokeswoman told Fox News. “Committee staff has been briefed by agency officials and industry representatives. The security and reliability of the grid is a pressing concern, and we will continue our work to mitigate all emerging threats.”

At an industry gathering a few months ago, retired PG&E executive Mark Johnson said that he feared the attack was a dress rehearsal for a larger event.

Scott Aaronson, the Edison Electric Institute’s senior director of national security policy, said that “The industry takes its role as critical infrastructure providers very seriously…. Publicizing clearly sensitive information about critical infrastructure protection endangers the safety of the American people and the integrity of the grid.”