Sunday, September 15, 2013

The Next Disaster Scenario Power Companies Are Preparing For. By Tom Gjelten

Part of the Robert Moses Niagara Power Plant in Lewiston, N.Y., is seen from the air on Aug. 14, 2003, during a massive power outage that stretched from New York to Detroit and into Canada│David Duprey, AP.

(NPR)  In the 10 years since sagging power lines in Ohio sparked a blackout across much of the Northeastern United States and Canada, utility engineers say they have implemented measures to prevent another such event in the country's electric grid.

But there is one disaster scenario for which the power companies are still unprepared: a massive attack on the computer networks that underlie the U.S. electric grid.

Energy industry leaders believe a cyberthreat could produce a blackout even bigger than the August 2003 outage, which left an estimated 50 million people in the dark.

"We have to treat the cyberthreat with the same respect that we give to forces of nature, [such as] hurricanes, floods, ice, storms," said Chris Peters, vice president for critical infrastructure at Entergy, a company that operates nuclear power plants. "We have to fund it, we have to staff it and we have to be ready to respond as necessary."

Peters was among several power executives who gathered in Washington recently to discuss the need to better protect the electric grid against cyberattacks. Their consensus judgment was that such attacks are probably inevitable.

"At some point in time, somebody is coming at me," said Scott Saunders, information security officer for the Municipal Utility District in Sacramento, Calif. "It's going to happen."

The New Grid

The concern that computer hackers could shut down the electric grid stems from technological changes in the power industry. Much of the equipment used in the grid, from the generators to the transformers, is now operated by computers. By disrupting computer network operations, hackers could shut down a key part of the grid.

They would still need access to the computers, but this obstacle could be overcome because many of those computers are now connected to the Internet.

"Now we can remotely manage devices via the Internet," notes Mark Weatherford, until recently a top cyberspecialist at the Department of Homeland Security. "So instead of putting someone in a truck and having them drive a hundred miles to a substation in the middle of the mountains somewhere, you remotely manage that."

Weatherford, now consulting on cyber issues at the Chertoff Group, says power companies saw that managing grid operations via the Internet brought efficiencies and cut costs, so they jumped at the chance. Perhaps a bit recklessly.

"To no one's fault at the time — we didn't realize it — [we] didn't think about the security and the insecurity [of Internet connections]," Weatherford said. When a computer is connected to the Internet, a skilled hacker can often find a way to break into it.

This is the new disaster scenario for power companies. Security experts in the industry are aware of the challenge and moving quickly to meet it, but the threats to their networks may be evolving even faster ... ► Read and listen the full article by Tom Gjelten in NPR

Source: NPR
Author: Tom Gjelten covers a wide variety of global security and economic issues for NPR News ... more


No comments:

Post a Comment