The threat of a devastating cyber attack on the U.S. electrical grid is increasing due to the Obama administration’s politically correct policies that spend vast sums on green and smart grid technologies while failing to secure power grids from cyber attack.
A report by the Manhattan Institute, a New York think tank, warns that the push to integrate wind and solar electrical power into the $6 trillion electric utility system has created new vulnerabilities that other nations could exploit in a future cyber war.
"Electric grids have always been vulnerable to natural hazards and malicious physical attacks," writes Mark Mills, a physicist and engineer who authored the Manhattan Institute report. "Now the U.S. faces a new risk—cyber attacks—that could threaten public safety and greatly disrupt daily life."
The U.S. electrical power network is not made up of a single grid, but a complex web of eight regional "supergrids" linked to thousands of local grids. Under a drive for improved efficiency, government policymakers and regulators in recent years have spent tens of billions of dollars on so-called "smart grid" technology. But the efficiency drive has not been matched with new technology that will secure grids against cyber attacks.
Utility owners also have resisted improving cyber security over concerns doing so would increase operating costs and force unpopular rate hikes. Yet the failure to take steps now to deal with future threats could prove catastrophic.
The threat, according to the report, is not the current state of security but the future use of greener and smarter electric grids, interconnected and linked to the Internet. "These greener, smarter grids will involve a vast expansion of the Internet of Things that greatly increases the cyber attack surface available to malicious hackers and hostile nation-state entities," the report warns, adding that cyber attacks overall have risen 60 percent annually over the past six years and increasingly include the targeting of electric utilities.
A recent survey by Cisco Systems revealed that 70 percent of electric utility security managers suffered at least one security breach.
Unfortunately, Obama’s liberal agenda forced government policymakers and regulators to promote green and smart grid technologies while spending relatively trivial amounts to secure those grids from cyber attacks.
"Greater grid cyber security in the future means that policymakers must rethink the deployment of green and smart grids until there are assurances that security technologies have caught up," the report recommends.
Part of the problem for grid security is that power networks are controlled by the private sector utilities. Government can and must provide intelligence and warning of cyber threats. But grid security is the responsibility of industry and there is an urgent need for the private sector to do more to defend the country from a future devastating blackout.
Further, the government and electric companies appear to be playing down the danger, claiming cyber attacks are less likely than squirrels eating electrical cables, or tree limbs shorting out wires.
This attitude was reflected in a controversial Department of Homeland Security Report produced in January that concluded the threat of a damaging or disruptive cyber attack on the electric infrastructure was low. The study was an embarrassing reminder that the federal government is ill-prepared for future dangers. A month before the DHS report, Russian hackers took down portions of Ukraine’s power grid in what has been called the first known cyber attack on an electricity infrastructure.
The problem of grid security has been made worse by the past seven years of administration policies that subordinated building up security against cyber attacks to integrating environmental technologies. The liberal worldview mistakenly has placed climate change as a greater national security threat than future cyber attacks from nation states.
According to the Manhattan report, wind and solar power will be unable to meet the country’s 24/7 energy demands for the foreseeable future. Yet programs to develop these energy sources received over 75 percent of all new generating capacity, with some $150 billion invested by the federal government on green and smart grid programs. By contrast, the Energy Department spent $150 million on cyber security research and development.
Blackouts have occurred in the past, mainly after hurricanes. One non-natural disaster was the August 2003 blackout that affected New York City and the Northeast. That power outage put 50 million people in the dark for two days, and caused $6 billion in damage. The cause was a combination of a software glitch and human error that resulted in a localized power outage in Ohio cascading into a widespread regional power disruption.
According to the Manhattan Institute study, Lloyd’s estimates that the damage from a worst-case cyber attack that causes a widespread blackout would cost between $250 billion and $1 trillion.
The coming danger will involve sophisticated nation state cyber attacks. U.S. Cyber Command chief Adm. Mike Rogers announced in March that it is a matter of "when, not if" a foreign power will attack critical U.S. infrastructures.
Peter Pry, a former CIA officer and grid security advocate, says the report correctly identified the contradiction between Obama administration’s green agenda and the need to protect the nation’s energy security.
"The ‘war on coal’ and other hydrocarbon sources of energy, and the Obama administration's environmental obstacles to development of nuclear power, is making the nation less safe," said Pry, executive director of the Task Force on National and Homeland Security.
Coal-fired electric plants and potentially nuclear power provide the country with the most resilient source of electric power. But the administration’s push to phase them out and replace them with wind and solar energy generation is not only technologically unrealistic. It will reduce national electrical supplies at a time when demand is increasing sharply.
The result will be both increase costs for electric power and increase risks to national survival in the aftermath a major cyber attack.
"The increased risks to the national electric grid and national security by Obama's green agenda, driven by the alleged threat from climate change, is even more true for greater threats to the grid posed by natural and manmade electromagnetic pulse (EMP)," Pry said. "These threats and cyber are here and now, while climate change—if this scientifically dubious threat occurs at all—is in the future."
Mills, the Manhattan Institute researcher, told the Washington Free Beacon that cyber security "is the existential challenge of the Internet, but so far mainly about private info and financial data."
"Meanwhile, the so-called smarter grid and green power both require a vast increase of Internet connectivity bolted onto our electrical grids," he said. "What in the world makes green pundits think that rapidly expanding and exposing our critical grid infrastructure to the Internet is a good idea to rush into?"
The Cyber Threat column will be co-published on Flash//CRITIC Cyber Threat News at flashcritic.com.