The perception of physical security threats has changed drastically since Sept. 11, 2001. The terms IEDs, terrorist, extremist, and radicalization are now routinely used, and “when” has replaced “if” to identify the likelihood of a terrorist attack occurring in North America.
Attacks on critical infrastructure, specifically electric generation and transmission facilities, could be used to cause widespread panic and create economic distress in a country already on-edge in this “age of terror.” The August 2003 Northeast blackout demonstrated the impact to society when a portion of the North American electric grid goes black. While the 2003 blackout was attributed to an accident, it nevertheless points to the vulnerability of the grid, and with it, associated risks to North America’s health, safety, and economic security.
In reality, threats to the grid have not significantly changed from those prior to 9/11. There is however, an increased awareness of potential risks to the grid and the recognition that it is vulnerable to criminal actions. We see this interest as we monitor proposed legislation in Washington DC, to try and better regulate private industry, in the context of cybersecurity. With or without legislation, ideologically motivated terrorists, disgruntled employees, traditional criminals, and foreign states each provide unique, but manageable threats to a utility’s security program.
Currently, the most significant reliability threat to the U.S. grid is associated with squirrels and balloons, and not religiously inspired terrorists. However, and more applicable to grid operators, we have recently seen noteworthy interest in disabling or destroying critical infrastructure. Coordinated attacks specifically targeting the grid are rare, but an attack by a disgruntled former employee, ideologically motivated activist, or a criminal stumbling across a “soft target”, could inflict significant damage. With an interconnected grid of over 450,000 miles of high voltage transmission lines (100 kV and higher), and over 55,000 substations (100 kV and larger), the targets of opportunity are endless.
The infrastructure risk associated with criminal threats, both traditional and terrorist, is dependent on the asset’s importance to the grid, or the commodities stored on site. Common threats include vandalism, copper theft, and unauthorized access into the facility perimeter. Prevention and mitigation strategies for these offenses are dependent on a facility’s vulnerabilities. Recognition of criminal threats and the identification of vulnerabilities, will determine the risk to a facility.
Criminals will continue to exploit vulnerabilities at soft targets for terror, financial, ideological, or vengeful purposes. Those who wish to inflict damage have demonstrated the capability to successfully plan and execute attacks with little or no advance warning on critical infrastructure.
Electricity is perhaps the most vital of the critical infrastructures and key resources that support our society. The mission of the North American Electric Reliability Corporation (NERC) is to ensure the reliability of the North American bulk power system (BPS). While electric utility companies are responsible for administering the day-to-day operations of the electric grid, regulators such as NERC and the Federal Energy Regulatory Commission (FERC) are charged with the overall responsibility of ensuring reliability and security. NERC develops and enforces Reliability Standards, annually assesses seasonal and long‐term reliability, monitors the bulk power system through system awareness, operates the Electricity Information Sharing and Analysis Center (E-ISAC), and educates, trains and certifies industry personnel.
Normal everyday operations of the system is the responsibility of utility owners and operators. During emergencies, NERC supports industry actions to respond, mitigate, and restore the BPS to normal operation by facilitating effective information sharing and communication with and between NERC registered entities, government agencies, and the media. This information is not focused on operational decision making, but instead provides utilities data, best practices, and mitigation strategies to help recover from crisis. Obviously, NERC as a regulatory body, must stay out of emergency response until the utility has best mitigated the threat or reliability issue.
The grids infrastructure is widely dispersed across North America, and in most instances is located in unpopulated and isolated locations, making it cost prohibitive and logistically difficult to physically protect all assets. With the limited physical protection provided to some generation, transmission and distribution assets, it will come as no surprise that these assets are soft targets and are therefore vulnerable. This reality comes with an increased awareness of potential threats to the grid. With this attentiveness is the increasing recognition that it is vulnerable to disasters, whether they’re natural, accidental or criminally induced. Americans have a low tolerance for grid failure and a high expectation that system operators will ensure that there is an uninterrupted supply of energy for vital services.
Critical infrastructure protection is a cyclical process incorporating prevention, detection, mitigation, response and recovery. The key to this protection is the identification of credible threats, which will assist energy companies in assessing risks and potential vulnerabilities (weaknesses) of their facilities. Once a threat has been thoroughly analyzed, it is then possible to institute preventative measures to deter, detect, and delay an attack. Of course, critical infrastructure protection planning must always include mitigation, response and recovery actions in the event an attacker is successful.
The government’s primary responsibility is to ensure the health, safety and security of its citizens, thus having a vested interest in the protection of the grid. Within the past 10 years, federal, provincial, and state statutes and regulations emphasize the importance of the development and maintenance of public/private/partnerships (PPP) to share the concern for the protection of the grid.
Within North America, the National Strategy for Critical Infrastructure (Canada) and the National Infrastructure Protection Plan (United States), establish a collaborative approach that is used to strengthen critical infrastructure resiliency. These strategies recognize that each level of government, as well as infrastructure owners and operators, have major roles and responsibilities in strengthening the resiliency of critical infrastructure and will exercise their responsibilities as appropriate and according to each respective jurisdiction.
While the security of the grid is a shared responsibility between the government and the private sector, the primary responsibility rests with utility owners and operators. Utility security staff has a responsibility to ensure they are able to receive and act upon criminal intelligence and be prepared to identify risks and vulnerabilities associated with security threats.
Significant progress has been made in the electricity industry surrounding the issue of security. Unfortunately, many do not realize the amount of reports, guidelines, standards, and assessments that have been developed for use. NERC and FERC must continue to enforce mandatory reliability standards while also providing educational opportunities for industry. A major part of this education should be focused on grid resilience with an emphases on security.
NERC and the industry have gone through multiple iterations of mandatory Critical Infrastructure Protection Standards that focus on security protections. These reliability standards are the only mandatory cyber standards enforced on critical infrastructure owners and operators. Given the political pressure to regulate critical systems, it is important for NERC and the industry to showcase these standards and demonstrate how the system is more secure. The CIP Standards, while not perfect, may be the shining example for other sectors to immolate.
NERC should continue being the central information sharing “hub” of the electricity sector. This established role, with federal recognition from the Department of Energy, sets up NERC as the authority for BPS expertise and real time grid status to external stakeholders. The role of the E-ISAC is to provide utilities with information regarding incidents, threats and vulnerabilities to the BPS. The E-ISAC also collects, analyzes, and disseminates alerts and incident reports to utilities and helps government agencies understand potential impacts on the grid. Lastly, and most important, the E-ISAC provides a platform for mutual information sharing and assistance during crisis.
We must assume that at some point in the future a North American utility will suffer from a planned and coordinated attack against electrical infrastructure. As an industry, we will be judged and hard questions will be asked about how serious we considered the threats and what we did to mitigate future attacks. Success will be determined by how quick we are able to respond and the swiftness of system recovery. There is no doubt that security is an “all hands” approach by everyone involved.
This article is published as part of the IDG Contributor Network. Want to Join?