A deep learning-based cyber-attack detection and location identification system for critical infrastructures is proposed by constructing new representations and model the system behavior using multilayer autoencoders and has outperformed conventional . The new reality is that most of the U.S. Energy Grid critical infrastructure components operate in a digital environment that is internet accessible. Beyond domestic emergency planning, exercising crisis response at a national level with government, allies, and private sector actors would be valuable. In the same time period, forty-one weather events caused outages, affecting 5.2 million customers. In February 2022, three men pled guilty to conspiring to attack substations with explosives and ghost guns in furtherance of white supremacy ideology. Short of outright conflict with a state adversary, several plausible scenarios in which the U.S. power grid would be subject to cyberattack need to be considered: There are many plausible circumstances in which states that possess the capability to conduct cyberattacks on the U.S. power gridprincipally Russia and China, and potentially Iran and North Koreacould contemplate such action for the reasons elaborated above. Ukraine energy facility hit by two waves of cyberattacks from Russia's In the Lloyds scenario, only 10 percent of targeted generators needed to be taken down to cause a widespread blackout. Agencies would present a range of options to respond. Sectors such as finance and defense have developed strong information sharing practices with government support. In 2014, Admiral Michael Rogers, director of the National Security Agency, testified before the U.S. Congress that China and a few other countries likely had the capability to shut down the U.S. power grid. Edison on the Front Lines of the War on Cyberattacks A record number of attacks on electrical grids plunged thousands of Americans into darkness last year, as authorities worry neo-Nazis are targeting critical . From 7-11s to train stations, cyber attacks plague Taiwan - Reuters Where are the potential weaknesses in our nations electricity grid? Power grid attacks on substations increase across US: What to know Some of those include: shielding and hardening targetsgrid protection by protecting against surges and voltage; decentralization and employment of off-grid or distributed-grid networks; phased voltage stabilization systems and resistors for redirecting and balancing energy; mandating enhanced security standards, training and contingency planning, and establishing mechanisms for sharing information on vulnerabilities and threats. How Can America Protect Our Power Grid from Cyberattacks? As for the latter concern, the U.S. response or non-response could harm U.S. interests. It is doubtful that a terrorist organization would have both the intent and means to carry out such an attack successfully. However, considerable potential exists to miscalculate both the impact of a cyberattack on the U.S. grid and how the U.S. government might respond. As the adage says, we are in this all together because the stakes are so high. Mar 22, 2022 4:47 PM EDT. by Mitchell Ferman March 31, 2022 5 AM Central. A USA TODAY analysis of reports that utilities provided to the Department of Energy through August show: Since September, attacks or potential attacks have been reported on at least 18 additional substations and one power plantin Florida, Oregon, Washington and the Carolinas. WASHINGTON, D.C. The U.S. Department of Energy (DOE) today announced $45 million to create, accelerate, and test technology that will protect our electric grid from cyber-attacks to seamlessly help deploy clean and cheap energy to Americans.Cyber threats to American energy systems can shut down critical energy infrastructure and disrupt energy supply, the economy, and the health of . An earlier GAO report notes that the U.S. electric grid faces significant cybersecurity risks because threat actors are becoming increasingly capable of carrying out attacks on the grid. Nations, criminal groups, and terrorists pose the most significant cyber threats to U.S. critical infrastructure, according to the report. . The Public/Private Imperative to Protect the Grid Community | GovLoop, North America network connections. Annual Lecture on China. American-made guns trafficked through Florida ports are destabilizing the Caribbean and Central America and fueling domestic crime. In December 2022, power station attacks in Moore . Baltimore power grid attack plot: Sarah Beth Clendaniel and Brandon Russell arrested, officials say - CBS News. Ukraine has been hit by a "massive" cyber-attack, . Second-Order Cone Programming Relaxation of Stealthy . The number of direct physical attacks, including acts of vandalism and other suspicious activity, that potentially threatened grid reliability rose 77% to 163 in 2022 from the previous year . Thompson: Previous Russian attacks on Ukraine's power grid and other Russian cyber actions have already had an impact on U.S. national security because we face the same threat. Russia-Ukraine conflict maxes out cyberattack risk assessment index ", In February 2023, authorities arrested and charged two white supremacist suspects in connection with an alleged plot to attack and take down the power grid in Baltimore, Maryland. In one scenario, disruption of just nine transformers could cause widespread outages. 3) Existential Threats Weather, Solar Storms, and EMP. The country has inflicted malware on America in the past and might not be particularly concerned . Thousands of electric substations dot our nation's landscape. https://visibleearth.nasa.gov/view.php?id=55167, Sneakily Using Generative AI ChatGPT To Spout Legalese And Imply That Youve Hired An Attorney, Unsettling For AI Ethics And AI Law, Lightbulb Moment: Big Business Needs mini-Edisons To Drive Invention, Google TV Adds 800+ Free Live TV Channels, Spotify CEO Addresses AI Concerns, But Also Sees Opportunity To Attract More Creators, Bardeen, The Superglue In A Workflow Full Of Productivity Apps, U.S. Energy Information Administration - EIA - Independent Statistics and Analysis, Aging grids drive $51B in annual utility distribution spending | Utility Dive, Transmission NOI final for web_1.pdf (energy.gov), Energy Launches New Program To Overhaul the U.S. Electrical Grid - Nextgov, Securing the U.S. Electricity Grid from Cyberattacks | U.S. GAO, Is the Electric Grid Ready to Respond to Increased Cyber Threats? They wanted to knock out the substation, Jon Wellinghoff, the then chair of Ferc, told 60 Minutes, adding that the attack could have brought down all of Silicon Valley. Colorado Energy Company Suffered a Cyber Attack Destroying 25 Years of A devastating attack might also prompt calls to create a national firewall, like China and other countries have, to inspect all traffic at national borders. Reliable electricity is essential to the conveniences of modern life and vital to our nation's economy and security. The U.S. power system has evolved into a highly complex enterprise: 3,300 utilities that work together to deliver power through 200,000 miles of high-voltage transmission lines; 55,000 substations; and 5.5 million miles of distribution lines that bring power to millions of homes and businesses. A decision to increase spending on cybersecurity could come at the expense of burying power lines, raising them above the tree line, or trimming trees along the lines. Two of the attacks shared similarities with the incident in Moore county, North Carolina, where two stations were hit by gunfire. Industroyer2 had been scheduled to cut power for a region in Ukraine on April 8 th; fortunately, the attack was thwarted before it could wreak further havoc on the war-torn country. Taiwan's digital minister Audrey Tang said the volume of cyber attacks on Taiwan government units on Tuesday, before and during Pelosi's arrival, surpassed 15,000 gigabits, 23 times higher than . Finally, in March 2021, we found that the federal government does not have a good understanding of the scale of the potential impacts from attacks facing the component of the grid that is generally not subject to FERCs standards: distribution systems. J., & Asrari, A. Any attack on electric infrastructure potentially puts the safety of the public and our workers at risk, said BPA, which delivers hydropower across the Pacific north-west . However, the experience of other countries and the technical reality of the internet suggest that these firewalls are ineffective for cybersecurity but well suited to restricting speech online and censoring information. Law enforcement agencies such as the Federal Bureau of Investigation (FBI) and the U.S. Secret Service have built strong forensic investigation capabilities and strong relationships with both foreign law enforcement and the intelligence community. A A. Ukraine says it thwarted Russian cyberattack on electricity grid Power lines in Oregon, seen after a wildfire. China accused of cyberattacks on Indian power grid Through cooperation, the U.S. government has been able to determine the parties behind most major attacks. Christopher Brenner Cook, 20, of Columbus, Ohio, and Jonathan Allen Frost, 24, of Katy, Texas, were sentenced in federal court for their involvement in a plot to attack U.S. power grids to advance white supremacist ideology. protect the nation's power grid, but experts have warned . Power plants and substations are dispersed in every corner of the country, connected by transmission lines that transport electricity through farmland, forests and swamps. (Dakota News Now) - Attacks on the U.S. power grid increased in 2022, and local electric utility companies are preparing their security systems for any threats. Components are labelled with random serial numbers, with many connections glowing in yellow color too. Expansion of intelligence and data sharing between the government and private companies, and among private companies themselves, could greatly reduce the chances of an attacker being capable of taking down multiple targets and causing a cascading effect. In the event that an attack on the grid succeeds in causing blackout to some extent, the Trump administration should ensure that both the government and the industry are prepared to respond. NERC standards should require companies to maintain capabilities for manual operations. Russian military-linked hackers target Ukrainian power company - CNN They can damage artificial satellites and cause long-lasting power outages. Characterizing an attack on the power grid as an armed attack would likely have the strongest deterrent effect. Ukraine: Russian Attacks on Energy Grid Threaten Civilians The General Accounting Office (GAO) has explicitly stated that the U.S, Energy Grid is vulnerable to cyber-attacks. Although cyberattacks by terrorist and criminal organizations cannot be ruled out, the capabilities necessary to mount a major operation against the U.S. power grid make potential state adversaries the principal threat. April 12, 2022, 6:29 AM PDT. Doing so would also reduce the likelihood of the grid becoming a military target. Opioid addiction and abuse in the United States has become a prolonged epidemic, endangering public health, economic output, and national security. Attackers Keep Targeting the US Electric Grid | WIRED Finding viable solutions will require co-investment, strong public/private sector partnering and collaboration in research, development, and prototyping. Russian hackers penetrated networks connecting U.S. electric companies in 2017, placing cyber implants thatif not discoveredcould have led to severe outages. The grid includes more than 7,300 power plants,160,000 miles of high-voltage power linesand 55,000 transmission substations. Federal agencies should also be provided with specific mission jurisdictions for implementing risk management policy frameworks in coordination with regulators, and utilities themselves. In the article Bracing for a big power grid attack: 'One is too many', USA Today states "About once every four days, part of the nation's power grid a system whose failure could leave millions in the dark . The attackers disrupted the supply of oil supplies on the US East coast and demonstrated the lack of a cybersecurity framework for both preparation and incident response. The all-hazards approach favored in emergency management may prove insufficient for a blackout of long duration covering large swaths of the nation. It's not yet clear whether any of the attacks were coordinated. The policy should also address how the administration would view the discovery that an adversary had taken initial steps toward a takedown of the grid, particularly the discovery that foreign actors had infiltrated utility networks. 20 March 2022. Article Source: U.S. Dept. Renewing America, Stopping Illegal Gun Trafficking Through South Florida, Blog Post What Happens When Russian Hackers Come for the Electrical Grid Annual Lecture on China: Frayed RelationsThe United States and China, Virtual Event The agency has not yet confirmed if it is investigating the incidents. It said it was actively cooperating with the FBI. Opinions expressed by Forbes Contributors are their own. What Can Be Done? In each case, the United States should consider not only the potential damage and disruption caused by a cyberattack but also its broader effects on U.S. actions at the time it occurs. On the domestic front, a highly disruptive attack would likely upend the model of private sector responsibility for cybersecurity. "Everyone's ears perk up when 'cyber attack' meets 'electric utility,' but thankfully, the grid was not affected in this case," noted Bill Lawrence, CISO at SecurityGate.. "By the way, a large percentage of the smaller, distribution-level electric cooperatives are immune from . Potential indicators could include smaller test-run attacks outside the United States on systems that are used in the United States; intelligence collection that indicates an adversary is conducting reconnaissance or is in the planning stages; deterioration in relations leading to escalatory steps such as increased intelligence operations, hostile rhetoric, and recurring threats; and increased probing of electric sector networks and/or the implementation of malware that is detected by more sophisticated utilities. How the U.S. government reacts, more than the actual harm done, will determine whether the cyberattack has a continuing impact on geopolitics. By Kevin Collier. Scott L. Hall and Callie Carmichael, USA TODAY. Most experts believe that the current complexity of grid operations in the United States would make a switch to manual operations difficult; newer systems might not allow for the use of manual controls at all. Industry experts, federal officials and others have warned in one report after another since at least 1990that thepower grid was at risk, said Granger Morgan, an engineering professor at Carnegie Mellon University who chaired three National Academies of Sciences reports. The grid is under attack. Attacks on the United States' power grid have been the subject of extremist chatter for some time, notably ticking up in 2020, the same year a 14-page how-to on low tech attacks, including . The bottom line is that cybersecurity for the U.S. Energy Grid must be elevated, One group elevating preparedness is an organization called The Electric Grid Cybersecurity Alliance. with Heidi Campbell and Paul Brandeis Raushenbush WASHINGTON Ukrainian officials said on Tuesday that they had thwarted a Russian cyberattack on Ukraine's power grid that could have knocked out power to two million people . Any of the systems principal elementspower generation, transmission, or distributioncould be targeted for a cyberattack. Solar storms are a different existential threat to address. A string of attacks on power facilities in Oregon and Washington has . But the electricity grid is an attractive target for cyberattacks from U.S. adversariessuch as nations like China and Russia, as well as individual bad actors, such as insiders and criminals. By Grant Asplund, Cyber Security Evangelist, Check Point Software. In 2017, Russia deployed the notorious NotPetya malware via Ukrainian accounting software and . He said that in one group, you have utility executives, their regulators, and the elected officials who oversee the energy industry. These events, CMEs for [+] short, are powerful releases of solar charged particles (plasma) and magnetic field, travelling on the solar wind.