Grid2013 attack on Metcalf, California power grid substation committed by “an insider”: DHS

Published 19 October 2015

A senior DHS official last Wednesday revealed that a 2013 sniper attack on a Metcalf, California energy grid substation – which the top U.S. electrical utility regulator has called “the most significant incident of domestic terrorism involving the grid that has ever occurred” — may have been committed by someone on the inside. The attackers fired more than 100 rounds of .30-caliber rifle ammunition into the radiators of seventeen electricity transformers, which caused the radiators to leak thousands of gallons of oil, which made electronics overheat and shut down.

A senior DHS official last Wednesday revealed that a 2013 sniper attack on a Metcalf, California energy grid substation may have been committed by someone on the inside.

The top U.S. electrical utility regulator has called “the most significant incident of domestic terrorism involving the grid that has ever occurred”(for more on the attack, see “Attack on California power station heightens concerns about grid security,” HSNW, 7 February 2014).

No suspects have been named, and no motive identified, but CNNMoney reports that at the GridSecCon energy industry conference in Philadelphia last week, Caitlin Durkovich, assistant secretary for infrastructure protection at the Department of Homeland Security, said that “While we have not yet identified the shooter, there’s some indication it was an insider.”

Durkovich would not say whether it was a current or former employee of PG&E or a hired contractor.

The attack took place shortly after midnight on 16 April 2013, as several people quietly approached the PG&E’s substation in Metcalf, California. They cut fiber-optic AT&T phone lines, shutting off service to nearby neighborhoods.

They then fired more than 100 rounds of .30-caliber rifle ammunition into the radiators of seventeen electricity transformers, which caused the radiators to leak thousands of gallons of oil, which made electronics overheat and shut down.

The attack took no more than nineteen minutes, and caused $15 million in damage. Security experts said it was a wake-up call for energy providers to think not only of cybersecurity threats to the grid, but also of old-fashion physical security of power stations.

CNNMoney notes that PG&E has committed to spend $100 million to improve security at its facilities. The company has also announced a $250,000 rewards to catch the attackers, as has AT&T.

Several energy utility firms told CNNMoney that transformers are often custom designed, sometimes costing $3 million each — and replacements are slow. Plus, physical attacks on energy distribution machines are much more effective at taking out the power grid than a computer hack. And it is incredibly easy to pull off.

Some of the experts attending GridSecCon week said that it would be prudent to enclose electronics in 1/2-inch thick armor plating that can stop high-powered rifle rounds.