The Cyber Threat to Utilities Just Got Scarier

Russian hackers have broken into the control rooms of U.S. utilities where they could cause blackouts, federal officials have told the Wall Street Journal.

The Russian hackers, who worked for a shadowy state-sponsored group previously identified as Dragonfly or Energetic Bear, broke into supposedly secure “air gapped” or isolated networks owned by utilities with relative ease by first penetrating the networks of key vendors who had trusted relationships with the power companies., said officials at the Department of Homeland Security.

“They got to the point where they could have thrown switches” and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS.

Federal authorities did not identify which utilities had been compromised.

Needless to say, all manner of groups — from the North American Electric Reliability Council, the federal agency that regulates electric reliability, to PJM Interconnection, which oversees the regional grid of which Virginia is a part, to the electric utilities themselves — are paying very close attention to this issue.  The obvious question for Virginians is this: What can state legislators and regulators do… if anything?

One of the aims of the Grid Modernization and Security Act of 2018, enacted this year, is to upgrade the electric transmission and distribution systems maintained by Dominion Energy, Appalachian Power Co., and the electric cooperatives. Priorities include protecting the grid against terrorist attacks and cyber attacks, although it is not clear yet what additional resources will be allocated to those efforts. Whatever conversation occurs, much of it will be behind closed doors on the not-unreasonable grounds that we don’t want to tip off the bad guys to what we’re doing.

But public involvement would helpful in some areas. What grid configuration would be the most secure? One could make the argument that a centralized grid operated by a handful of players would be easier to protect from cyber-intrusion than a grid with many players that is only as secure as the most vulnerable among them.

Conversely, one could argue that a distributed grid would be preferable. It would be easier for the Russkies (or Chinese, or Iranians, or North Koreans) to take out, say, a nuclear power plant or to overload a critical transmission line than it would be to take out thousands of small rooftop generators connected by a micro-grid.

The answers to such questions would shape the kind of electric grid that will best serve the interests of all Virginians.

Bacon’s Rebellion is in the process of organizing a roundtable on the Future Grid to discuss issues just like this. Right now, we are looking for a neutral venue (not tied to any particular faction or interest group) to host the first meeting. If you would like to participate or can suggest a meeting location, please contact me.

Share this article


(comments below)


(comments below)


10 responses to “The Cyber Threat to Utilities Just Got Scarier”

  1. LarrytheG Avatar

    Here’s the likely narrative from our beloved leader. ” This is fear-mongering by the Lame Stream Media… there is no Russian threat.. it’s a bogus narrative to deflect from Hillary and the Dems losing” !!!!

    Seriously, how can we take any of this seriously if the POTUS blows it off?

  2. TooManyTaxes Avatar

    Interestingly, I heard on CNN this morning that the Russian hacking into the electric grid/production system in the United States began in 2014. Hmmm?
    Let me see. As I recall, our president was Barack Obama then. How come we didn’t hear about this back then? Oh, I know. It’s inconsistent with the political agenda of the Ministry of Enlightenment and Propaganda and the rest of the Goebbels Gang.

  3. Larry and TMT, the worst thing we can do is derail discussion of the cyber-security issue with partisan politics!

    If I had to choose, I’d agree with TMT, but I really don’t want the conversation to veer off in this direction. It’s not helpful at all.

    1. LarrytheG Avatar

      If you follow TMT – you’d just be taking the right-wing bait…on this and other issues:

      Obama Order Sped Up Wave of Cyberattacks Against Iran

      Do you think if Obama was ordering cyber strikes against our adversaries that he was not also aware of our own vulnerabilities?

      The difference is that unlike the current POTUS – he kept his mouth shut on these issues AND he DID listen to and rely on his intelligence agencies.

      Obama warns of power grid’s lagging cyber defenses |
      10/29/15 04:18

      The U.S. isn’t spending enough to defend its power grid from cyberattacks, President Obama warned on Thursday as he declared November Critical Infrastructure Security and Resilience Month.

      so now ya’ll can go back to sucking up right wing propaganda on the issue.

  4. Steve Haner Avatar
    Steve Haner

    This little cyber cold war – and do not for one minute think we can’t/don’t do this, too – has been going on for a very long time. The next time a president brags about shock and awe it won’t be the F-117s he (or she) is pointing too. So yeah, be afraid, and hope our computer nerds are better than theirs.

    The 2018 legislation was about enriching the company and its stockholders – that and nothing more. The steps that are needed to deal with this are already underway and we are already paying for it.

  5. Steve Haner Avatar
    Steve Haner

    Just think, one day the American image of a military hero will not be the muscular Navy Seal or hot shot fighter jock or GI Joe leading his platoon, but the lonely and somewhat sad computer geek manning “the wall” just like the Night Watch in Westeros!

    1. LarrytheG Avatar

      naw.. it will be a 400lb pimple-faced Nerd “defending”…. I’m quite sure.. I think even the POTUS alluded to it…. 🙂

      1. Steve Haner Avatar
        Steve Haner

        He won’t ride his bike to work.

  6. TooManyTaxes Avatar

    I agree that cyber security is an incredibly important issue that should transcend politics. But then didn’t the military call global warming the biggest threat a few years ago? Could that have been political?

    I came to Washington, D.C. back in the mid-80s. I came with a belief that it was a nasty place where too many people tried to prosper on the backs of others – you know those rubes a/k/a people who cling to their guns and religion a/k/a deplorables. I’ve meet a lot of good people in the 30 plus years I’ve lived here but the federal government has its own interests in mind and those of special interests. It’s a filthy sewer.

    In a regular situation, we’d expect the media and now the outside media on the Internet to expose all of this irrespective of the political/ethnic/gender/racial labels involved. The first player is no longer interested in anything that does not advance the Progressive Cause(s). We are solely dependent on the second institution.

    Back when I was a kid, I read the St. Paul Pioneer Press and Dispatch (morning and evening) religiously. I used to follow the Minnesota legislature which was officially non-partisan. It had liberals and conservatives that generally, but not always, linked to Ds and Rs. I thought the papers did a pretty good job of informing the reader what was going on. But I could rarely tell whether the newsmen (weren’t many women covering the Legislature then) liked the liberal positions or conservative positions on most legislation. Wouldn’t it be nice if journalism went back to the future?

  7. LarrytheG Avatar

    TMT – ” Pentagon is still preparing for global warming even though Trump said to stop”

    The Pentagon’s interest and concern in Global Warming was NEVER political until people make it so.

    ” “A changing climate will have real impacts on our military and the way it executes its missions,” the Defense Department concluded in the 2014 report. “The military could be called upon more often to support civil authorities … in the face of more frequent and more intense natural disasters.”

    “Hampton Roads region in Virginia, which houses the largest concentration of U.S. military sites in the world, we see recurrent flooding today, and we are beginning work to address a projected sea-level rise of 1.5 feet over the next 20 to 50 years,” the roadmap concluded.”

    This is an example of how we have managed to make just about everything INCLUDING Cyber Security – POLITICAL – when PRIOR to this point in time – it was not!

    It was simple common sense and proactive actions against what science was warning us about – as they had always done – with other issues like Ozone and Hurricane predictions … and we listened and we acted…in response to their advice – including the military – who does know a thing or two about protecting it’s infrastructure from weather – and climate as per their responsibility and duty.

    Only in a country run by anti-science idiots and would-be dictators do we get such moronic edicts like ” It is forbidden to account in planning for the effects of Global Warning”

    While the Trump administration has largely rejected climate change as an issue, the Department of Defense and Congress have identified it as a major potential threat to national security.”

Leave a Reply