Cyber-security in the electrical grids has become big business, but is it safe yet?
I recently stumbled upon a banner ad for a fascinating international conference: “Istanbul 2017,” a gathering of cyber-security professionals and a showcase for their businesses. Even more intriguing than this trade show ad was the website where it was placed: OSGP.org, or the Open Smart Grid Protocol.
A smart grid, as defined in U.S. law, includes: control by digital interface (computer) and other electronic systems; dynamic optimization of operations and resources with full cyber-security; integration of energy resources and generation including renewables; deployment of “smart” technologies for metering, communications, automation of distribution, and consumer devices.
OSPG is a standard—some would say the gold standard—for command and control of energy systems and energy delivery worldwide. The United States, however, is not (yet) on board with the protocol, and the question of grid security persists.
Not that OSPG is the answer to all cyber-threats, either. Researchers have successfully hacked into OSPG systems occasionally, retrieving confidential and proprietary data. There’s reason to believe—indeed it’s a specific, stated goal of the U.S. and OSPG—that smart grids will be 100 percent tamper-proof, eventually. The real danger is what can happen in the meantime.
Already, U.S. grid systems have been compromised in what are described as ransomware attacks. Since the country’s electrical power is distributed through several grids, not just one, it would take a coordinated, sophisticated assault to cause a nationwide blackout. Of course, anything close to that would set off a catastrophe within hours.
As depicted in the National Geographic film “American Blackout,” several situations can be expected during a major failure of the grids:
- No running water, no toilet flushing
- No furnaces
- No functioning gasoline pumps
- No traffic lights, causing widespread traffic jams
- Little or no emergency services, due to traffic conditions
- No functioning ATMs
All of the above conditions would occur within the first few hours. The longer-term effects are too many to list. They can best be described as domino effects where, eventually, small clusters of residential homes and business buildings would be isolated completely from everyone and everything else.
Confidence in the U.S. government to carry out its security responsibilities to its citizens is waning. Dysfunction in Washington, D.C. is growing. So, as thorough and lofty as the goals of the Department of Energy and of OSPG may be, they mean little without robust and timely deployment. If the government were trying to feed something like an “emergency management industrial complex,” we would know for sure that trouble is coming. There being no known evidence of such a thing, we can be somewhat assured that their efforts are at least sincere.
My upcoming novel, ULTIMATE ERROR, is about the aftermath of a series of major disasters in the United States. The cascading dominoes leave citizens to their own devices for survival. How long would it take for the states of emergency to be lifted and a return to a semblance of normalcy?