As Washington hunts ill-defined al-Qaeda groups in the Middle East and Africa, and concerns itself with Iran’s eventual nuclear potential, it has a much more pressing problem at home: Its energy grid is vulnerable to anyone with basic weapons and know-how.
Forget about cyber warfare and highly organized terrorist attacks, a lack of basic physical security on the US power grid means that anyone with a gun—like disgruntled Michigan Militia types, for instance--could do serious damage.
For the past two months, the US Federal Energy Regulatory Commission (FERC) has been tasked with creating a security strategy for the electric grid and hydrocarbon facilities through its newly created Office of Energy Infrastructure Security. So far, it’s not good news.
“There are ways that a very few number of actors with very rudimentary equipment could take down large portions of our grid,” warns FERC Chairman Jon Wellinghoff. This, he says, “is an equal if not greater issue” than cyber security.
FERC’s gloom-and-doom risk assessment comes on the heels of the recent declassification of a 2007 report by the National Academy of Sciences.
The National Academy of Sciences on 14 November warned that a terrorist attack on the US power grid could wreak more damage than Hurricane Sandy. It could cause massive blackouts for weeks or months at a time. But this would only be the beginning, the Academy warns, spelling out an “end of days” scenario in which blackouts lead to widespread fear, panic and instability.
Related Article: New Yorkers Challenge LIPA, FEMA over Power Outages
What they are hinting at is revolution—and it wouldn’t take much.
So what is being done to mitigate risk? According to FERC, utility companies aren’t doing enough. Unfortunately, FERC does not have the power to order utilities to act in the name of protecting the country’s energy infrastructure. Security is expensive, and more than 90% of the country’s grid is privately owned and regulated by state governments. Private utilities are not likely to feel responsible for footing the bill for security, and states may not be able to afford it.
One key problem is theoretically a simple one to resolve: a lack of spare parts. According to the National Academy of Sciences, the grid is particularly vulnerable because it is spread out across hundreds of miles with key equipment not sufficiently guarded or antiquated and unable to prevent outages from cascading.
We are talking about some 170,000 miles of voltage transmission line miles fed by 2,100 high-voltage transformers delivering power to 125 million households.
"We could easily be without power across a multistate region for many weeks or months, because we don't have many spare transformers,” according to the Academy.
High-voltage transformers are vulnerable both from within and from outside the substations in which they are housed. Complicating matters, these transformers are huge and difficult to remove. They are also difficult to replace, as they are custom built primarily outside the US. So what is the solution? Perhaps, says the Academy, to design smaller portable transformers that could be used temporarily in an emergency situation.
Related Article: Obama's Nuclear Power Plans
Why was the Academy’s 2007 report only just declassified? Well, its authors were worried that it would be tantamount to providing terrorists with a detailed recipe for attacking and destabilizing America, or perhaps for starting a revolution.
The military at least is preparing to protect its own power supplies. Recently, the US Army Corps of Engineers awarded a $7 million contract for research that demonstrates the integration of electric vehicles, generators and solar arrays to supply emergency power for Fort Carson, Colorado. This is the SPIDERS (Smart Power Infrastructure Demonstration for Energy Reliability and Security), and the Army hopes it will be the answer to more efficient and secure energy.
Back in the civilian world, however, things are moving rather slowly, and the focus remains on the sexier idea of an energy-crippling cyberattack.
Last week, Senator Ed Markey (D-Mass.) urged House Energy and Commerce Committee chairman Rep. Fred Upton (R-Mich.) to pass a bill—the GRID Act--which would secure the grid against cyberattacks.
"As the widespread and, in some cases, still ongoing power outages from Superstorm Sandy have shown us, our electric grid is too fragile and its disruption is too devastating for us to fail to act," Markey wrote. "Given this urgency, it is critical that the House act immediately in a bipartisan manner to ensure our electrical infrastructure is secure."
This bill was passed by the House, but has failed to gain any traction in the Senate.
FERC, of course, is all for the bill, which would give it the authority to issue orders and regulations to boost the security of the electric grid's computer systems from a cyberattack. But it’s only a small piece of the security puzzle, and FERC remains concerned that authorities are overlooking the myriad simpler threats to the electricity grid. These don’t make for the easy headlines, especially since they are not necessarily foreign in nature.
By Charles Kennedy for Oilprice.com
According to Wikipedia, "Starting in 2010, The Michigan Militia started actively training in natural and man-made disaster response, search & rescue and volunteering with the American Red Cross. The Michigan Militia, as of July 2011, has seen call outs for 2 natural disaster responses and 3 search & rescue operations."
Yup, a pretty scary group!
1. An attacker with a sufficiently large explosive device. The most recent attempted terrorist attacks show that this is a lot harder than one might think. Building bombs is not so easy, despite all that information on the web. And even collecting bomb-making materials might raise suspicions.
2. An attacker with sufficient knowledge of how utilities work to know where to place the bomb, or if he commandeers a control room, which levers to flip. This is fairly specialized knowledge, and few people have it.
3. The ability to gain access to a substation to plant a bomb without being detected or electrocuting himself. Most substations have several layers of barriers - fences, etc. And after the first one is breached, someone will respond, greatly reducing the chance of success.
4. The motivation to do all this. All terrorist attacks to date (actual and attempted) have been designed to be highly symbolic and dramatic. The WTC and airplanes are symbols of US financial and technical power. Bombs in the streets of New York sow panic in the biggest US city. There's no doubt that terrorist are behind these kinds of acts, and the more the notoriety, the better -- that's part of the goal, after all. Now think of a substation bomb, which just as easily could be blamed on "innocent" equipment failure. Thousands of people are "greatly inconvenienced" for weeks. Where's the notoriety in that?
I submit that the number of people who have all these are very small. In addition, this risk has always existed since we've had power plants -- it's not something new. The fact that there hasn't been an incident should tell us something about the real probability of such an attack.
In the early 90s we experienced a series of gunfire attacks against our substations and transmission lines. Many of our assets are located in rural areas and vulnerable to attack. The gunman appeared to have knowledge of these remote locations which ruled out the "random attack" theory. Off duty Law Enforcement was contracted to secure EHV substations, and our power plants increased their physical security. The shooter(s) would simply drive by a guarded substation and hit one of the more remote unsecured locations.
We had deployed multiple mobile substations while the damaged units were replaced or repaired. Local, State and Federal law enforcement agencies became involved. The shooter(s) final attack was on our transmission lines near one of our power plants. With growing media attention, the attacks abruptly stopped.
In a conversation with the director of security, he advised we were down to one mobile substation. Our spare power transformer supply had been depleted. He had been summoned by the company CEO and questioned about how this happened and what measures could be taken to prevent future attacks. My old boss held up a substation directory that was about the size of a small city phone book and said "sir we would have to call out the national guard in order to secure all of our substations and transmission towers".
Post 911 the company security force has expanded, perimeter security walls are in place at key substations and electronic security systems have been upgraded and expanded. Absolute security is not attainable. However, we can and will continue our target hardening efforts.