• Crafting emergency orders to protect the U.S. electric grid

    Russia and other potential adversaries are seeking to implant increasingly sophisticated cyber weapons on our power grid. Now, the United States has an unprecedented opportunity to help deter adversaries from using those weapons, and to prevent catastrophic blackouts if deterrence fails.

  • Lawmaker demands answers about Russian cyberattacks on electric utilities

    In July, the Wall Street Journal reported that in 2016 and 2017, hackers backed by the Russian government successfully penetrated the U.S. electric grid through hundreds of power companies and third-party vendors. Russian hackers gained access to control rooms, putting them in a position to disrupt U.S. power flow.

  • As Russians hack the U.S. grid, a look at what’s needed to protect it

    The U.S. electricity grid is hard to defend because of its enormous size and heavy dependency on digital communication and computerized control software. The number of potential targets is growing as “internet of things” devices, such as smart meters, solar arrays and household batteries, connect to smart grid systems. In late 2015 and again in 2016, Russian hackers shut down parts of Ukraine’s power grid. In March 2018, federal officials warned that Russians had penetrated the computers of multiple U.S. electric utilities and were able to gain access to critical control systems. Four months later, the Wall Street Journal reported that the hackers’ access had included privileges that were sufficient to cause power outages. It’s important for electric utilities, grid operators and vendors to remain vigilant and deploy multiple layers of defense.

  • Wanted: Smart ideas for grid modernization

    A consortium of national labs and nonprofit organizations has announced a call for concepts to engage the smart grid community in demonstrating visionary interoperability capabilities on how facilities with distributed energy resources, or DERs, integrate and interact with the utility grid.

  • Toward a more secure electrical grid

    Not long ago, getting a virus was about the worst thing computer users could expect in terms of system vulnerability. But in our current age of hyper-connectedness and the emerging Internet of Things, that’s no longer the case. With connectivity, a new principle has emerged, one of universal concern to those who work in the area of systems control. That law says, essentially, that the more complex and connected a system is, the more susceptible it is to disruptive cyber-attacks.

  • Detecting faults in the electrical grid

    Globally, most of the energy infrastructure that we rely on every day is over 35 years old. Like most things, age has not improved its functionality. There are people who work to prevent these sorts of catastrophes. Maintenance crews fly helicopters alongside high voltage power lines, getting up close to visually inspect infrastructure bit by bit. A much safer approach to maintenance is to take assets offline and then assess them for faults. Researchers have developed an innovative approach to maintenance which has the potential to do away with these inconvenient, time-consuming and dangerous practices—and also save us a whole lot of money.

  • With hacking of U.S. utilities, Russia could move from cyberespionage toward cyberwar

    Even before the revelation on 23 July that Russian government hackers had penetrated the computer systems of U.S. electric utilities and could have caused blackouts, government agencies and electricity industry leaders were working to protect U.S. customers and society as a whole. These developments highlight an important distinction of conflict in cyberspace: between probing and attacking. The distinction between exploiting weaknesses to gather information – also known as “intelligence preparation of the battlefield” – and using those vulnerabilities to actually do damage is impossibly thin and depends on the intent of the people doing it. Intentions are notoriously difficult to figure out. In global cyberspace they may change depending on world events and international relations. The dangers – to the people of the United States and other countries both allied and opposed – underscore the importance of international agreement on what constitutes an act of war in cyberspace and the need for clear rules of engagement.

  • Russians hacked into America’s electric grid. Here’s why securing it is hard.

    Hackers taking down the U.S. electricity grid may sound like a plot ripped from a Bruce Willis action movie, but the Department of Homeland Security has recently disclosed new details about the extent to which Russia has infiltrated “critical infrastructure” like American power plants, water facilities and gas pipelines. This hacking is similar to the 2015 and 2016 attacks on Ukraine’s grid. While DHS has raised the number of the Russian utility-hacking incidents it detected from dozens to hundreds, it still maintains that this infiltration has not risen beyond scouting mode. Clearly, there’s no time to waste in shoring up the grid’s security. Yet getting that done is not easy.

  • Report: Russian hackers came close to causing U.S. blackouts last year

    DHS has warned utilities that Russian government hackers accessed the U.S. electric grid control systems in 2016 and 2017, and could have, at the time of their choosing, caused blackouts across the United States. “They got to the point where they could have thrown switches” and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS. DHS is gathering evidence on the Russian government’s attempt to automate these attacks on the U.S. grid.

  • How microgrids could boost resilience in New Orleans

    During Hurricane Katrina and other severe storms that have hit New Orleans, power outages, flooding and wind damage combined to cut off people from clean drinking water, food, medical care, shelter, prescriptions and other vital services. Researchers at Sandia and Los Alamos national laboratories teamed up with the City of New Orleans to analyze ways to increase community resilience and improve the availability of critical lifeline services during and after severe weather.

  • Expanding U.S. electric transmission systems to bolster grid resilience

    Five major global companies—all of which have ambitious clean energy goals in the U.S.—have asked the Federal Energy Regulatory Commission (FERC) to intensify its focus on expanding the nation’s electric transmission system as one key part of its push for grid resilience.

  • Now that Russia has apparently hacked America’s grid, shoring up security is more important than ever

    Hackers taking down the U.S. electricity grid may sound like a plot ripped from a Bruce Willis action movie, but the Department of Homeland Security and the FBI recently disclosed that Russia has infiltrated “critical infrastructure” like American power plants, water facilities and gas pipelines. There is no time to waste in shoring up the grid’s security. Yet getting that done is not easy, as I’ve learned through my research regarding efforts in to stave off outages in hurricane-prone Florida.

  • Space weather threatens high-tech life

    In September 1859, parts of the United States were crippled by a fierce space weather storm. Today’s even more sensitive electronics and satellites would be devastated should an event of that magnitude occur again. In 2008, a panel of experts commissioned by the National Academy of Sciences issued a detailed report with a sobering conclusion: The world would be thrown back to the life of the early 1800s, and it would take years – or even a decade – to recover from an event that large.

  • Modeling cyber insurance could protect the power grid

    The failure of even parts of the U.S. power grid could cause rolling blackouts that paralyze health care, traffic and business systems. With the advent of “smart” infrastructures that send data to the internet, cybersecurity is becoming a prime concern of public officials. Researchers are aiming to help utility companies prepare for that risk by making it easier for insurance companies to cover it.

  • Russia planted sabotage-enabling malware in U.S. energy grid, other critical infrastructure

    Russia has not only attacked the infrastructure of American democracy: The U.S. government now says that Russia has engaged in a pervasive, wide-ranging cyber-assault on U.S. energy grid and other key components of the U.S. critical infrastructure. These sustained attacks on U.S. critical infrastructure – along with the Russian interference in the 2016 election and the Russian-launched NoPetya malware — were the reasons the administration on Thursday imposed a new round of sanctions on Russia.