ST. LOUIS – Cyber attackers are constantly trying to hack our most critical sector – electricity. A successful attack on the nation’s power grid could potentially derail a train or shut off our water supply.
Software company Symantec is tracking a cyber espionage group called “Dragonfly” that's targeting North America and Europe in ways that could “severely disrupt” some operations. Symantec says some nuclear plants have reported being compromised by attackers. Investigators are also concerned about low tech attacks. Power companies are forced to combat more than just natural disasters. Sometimes investigators don’t immediately know the cause, like right after a 2009 Washington D.C. train derailment.
“For the first 12 hours or so, it was unclear whether or not it was a simple mechanical failure or whether it was actually something more malicious than that,” said Scott Aaronson, Edison Electric Institute’s Director for Security and Preparedness.
A team of investigators found a mechanical failure in that case, but in 2013 at a Silicon Valley area substation, investigators found a person to blame. A sniper shot out 17 transformers. The FBI is still investigating that case.
And the 2014 Ferguson power outage still remains unsolved. Thousands of homes lost power for an hour on Halloween after Fox 2/KPLR 11 confirmed a vandal cut a lock leading to a device controlling power to 2,125 homes.
“Anything above ground, if it’s vulnerable to Mother Nature, it’s vulnerable to people,” said Jim Sharp, Aegis Emergency Management.
Sharp says some terrorists may look for low-tech ways to attack.
“Why build a car bomb when the car can be the terrorist weapon? They don’t have to do anything special to that,” he said.
Sharp points to thousands of power stations still above ground.
“Most people don’t even perceive them anymore,” he said. “They’re just part of the landscape.”
Sharp says he’s found a potential vulnerability at the Labadie Power Station.
“It’s very obvious there’s a single rail line that brings the coal to Labadie and that’s the power that generates the electric power that goes out,” he said. “If the coal can’t get in, that power station has a problem.”
Ameren declined to comment and asked that we contact its association, the Edison Electric Institute. Scott Aaronson, a security rep for EEI, says the industry is aware of its weak spots and daily reports of attackers.
“There are any number of threats that are out there,” he said. “There are any number of threat actors and so it is so important for us as a sector not to get wrapped around the axle on one specific threat, but to be aware of all of these threats and then have contingencies in place to be able to respond and recover.”
Aaronson points to the infamous Silicon Valley sniper attack as an example of the industry's ability to respond.
“The lights in both San Francisco and in Silicon Valley didn’t even blink and that goes to this point of defense in depth,” he said. “The idea is not to put all of your eggs in the prevention basket, but to also look at response and recovery in the eventuality that somebody is successful.”
Aaronson added that the electric industry has a tremendous ability to work together and reroute power throughout 55,000 substations nationwide.