For years, a bevy of national security, cybersecurity, energy, and other experts in important government agencies have strongly and clearly warned about the cataclysmic dangers facing America from cyberattacks on the electric grid. Hostile nation-states and others could wipe out electricity in large parts of the country for weeks or longer, leading to widespread death, economic chaos, and other upheavals.
So how come this issue is seldom discussed at major political forums or a topic of kitchen table conversations?
A key reason is that in a television-focused and social media obsessed world, video has not been used to demonstrate the threats America’s electric grid faces from cyberattacks. That must change to prevent complacency from taking hold. Otherwise, the compelling and disturbing reports from the Department of Homeland Security, U.S. Energy Department, the Cyberspace Solarium Commission, the Director of Intelligence, and others risk being disregarded, making America even more vulnerable.
Among other effects, electric grid attacks would create spectacular and disturbing explosions. In December 2018, a transformer explosion in New York City turned the sky blue for miles and even led to a halt in flights at LaGuardia Airport. A July 2019 transformer fire in Corpus Christi, Texas also produced dramatic camera footage.
There should be an intentional effort made to capture via video the destruction that cyberattacks will cause to the electric grid. One place to start is to repeat an experiment where 30 lines of code were enough to blow up a 27-ton generator, the topic of a gripping article by Wired reporter Andy Greenberg. He reviews the March 2007 experiment at Idaho National Laboratories led by Mike Asante who had served as chief security officer at American Electric Power. His expertise encompassed both power grid architecture and computer security.
Asante’s hypothesis, Greenberg says, focused on, “What if (cyber) attackers didn’t merely hijack the control systems of grid operators to flip switches and cause short-term blackouts, but instead reprogrammed the automated elements of the grid, components that made their own decisions about grid operations without checking with any human?” Asante was particularly concerned with protective relay equipment.
When 30 codes of malicious code were sent, the diesel generator being tested began to come apart in dramatic fashion. As Greenberg says, “Black chunks began to fly out of an access panel on the generator, which the researchers had left open to watch its internals.” This was followed by rising clouds of gray and black smoke as wiring and insulation melted and burned.
Asante’s tests should be repeated, and similar tests done on electrical equipment at Idaho National Laboratories. These should also be filmed and shared with utility executives, regulators, policy makers, news media, and the public.
The dramatic and intentional use of videos is better at changing thought processes and opinions than the written word, as marketers have long emphasized and documented. But this does not denigrate the excellent work done by scientists, engineers, and policy makers on the threats we face from cyberattacks.
Rather, it bolsters those arguments and helps to create the national awareness and resolve necessary to lessen the odds of cyberattacks against America’s electric grid, our lifeline for modern living.
About the Author: Paul Steidler is a Senior Fellow with the Lexington Institute, a public policy think tank based in Arlington, Virginia.
Find Archived Articles: