The All-Too-Real Cyberthreat NOBODY is Prepared for (Aurora)

on September 13, 2013 at 4:30 PM


Quick Take: I’m far from a security expert and I don’t even play one on TV. But I do have lots of friends who are knowledgeable and several of them think the electric power industry is overlooking the biggest cyberthreat of all.

Some context – most national and international security experts now predict a major cyber attack on the United States within the next five years. Many of them believe the electric power grid will be a primary target. And many of those believe the Aurora vulnerability is (currently) the easiest way to attack the grid.

Below I’ve quoted a paragraph from a September article in Power Magazine. Get your hands on the full article as soon as you can, and hand it to your security team. You’ll also want them to review the 2011 IEEE presentation on Aurora Vulnerability Issues and Solutions, which you can download by clicking the link.

Who should be concerned? As the blog’s author, cybersecurity expert Joseph Weiss, puts it: “any electric utility with three-phase rotating electric equipment.” How many utilities are prepared? As Power Magazine says: Virtually none. – By Jesse Berst

“An AURORA attack results when a circuit breaker or breakers are opened and closed, resulting in an out-of-phase condition that can damage alternating current (AC) equipment connected to the grid. A demonstration of this for the Department of Homeland Security conducted at the Idaho National Laboratory (INL) in 2007, was broadcast by CNN. The results of this specific test demonstrated that the threat associated with rapidly disconnecting and reconnecting a generator to the grid but out of phase — via physical or cyber intrusion of control systems conducted maliciously or unintentionally — could have serious effects on system operation. Connecting AC equipment out of phase is a known vulnerability, but doing it maliciously was brought to light by the test conducted by INL.”

Here are a few other key points, according to Power Magazine:

  • Virtually no utilities have taken action to protect against this attack
  • Existing substation protection does not act fast enough to mitigate an Aurora event
  • This gap in protection can only be handled by a hardware fix
  • Aurora damages generators, which can potentially result in a grid collapse
  • Aurora also threatens synchronous induction motors, meaning that factories, pipelines, refineries, mass transit and data centers are directly at risk as well
  • Mitigation is inexpensive and straightforward – you place a hardware device between each substation and its loads.

Jesse Berst is the founder and Chief Analyst of SGN and Chairman of the Smart Cities Council, an industry coalition.