Securing the US Electrical Grid

An anonymous reader writes The Center for the Study of the Presidency & Congress (CSPC) launched a project to bring together representatives from the Executive Branch, Congress, and the private sector to discuss how to better secure the U.S. electric grid from the threats of cyberattack, physical attack, electromagnetic pulse, and inclement weather. In this interview with Help Net Security, Dan Mahaffee, the Director of Policy at CSPC, discusses critical security challenges.

Great way to waste your money

[Anonymous Coward]

The best thing they could possibly do to protect the electric grid is to figure out how to make it not an electric grid. Because right now, J. Random Asshole can get in his pickup truck, drive 50 miles to some tower in the middle of nowhere, and cut it down with tools you can get at any construction supply store. Taking this one tower down would take out power to most of the East Coast. [wikipedia.org]

Or you could simply do nothing, because the power companies are doing a great job screwing things up on their own. [wikipedia.org]

Re:Great way to waste your money

[bobbied]

I figured I'd pipe in and call your idea stupid, but I thought better of it. Let me show you why we have a grid..

Transport of power - The power grid is designed to transport power from where it is generated to where it is used. This means we can use hydroelectric power without having to build our houses and businesses near the dam. It also allows us to transfer power from regions where there is generation capacity to regions where power is needed.

Efficiency - Efficient power generation is easier to achieve on an industrial scale, and the ability to put the plant near a fuel source saves transportation costs. It also lets us use the more efficient generation plants from other regions when power is available.

Redundancy - The power grid provides redundant paths for power to flow from where it is generated and where it is used and it also provide the ability to have multiple generation plants providing power so the failure of one plant can be made up by the rest.

The problem you are going to have with "remove the grid" idea is reflected in all of the above. If you need reliable electrical power, you have to keep the grid. If you want efficiency, you need to keep the grid. If you ever need more power than can be generated locally, you need the grid.

I'll conclude with this.. If you want to keep using all the things that make modern life possible, you need reliable, efficient and abundant electrical power and that means you need the grid. Unless of course you don't mind giving up modern life, which I consider a stupid idea...

Re:

[peon_a-z,A-Z,0-9$_+!]

I read it at first that he was advocating for burying the lines. Or constructing the poles out of Adamantium.

I never read it as the OP wanted to do away with electricity. His only slant seems to be anti-Power Company.

Re:

[rezme]

How in the hell did you take an article on power security down this racist rabbit hole? The country is 63% white and 12% black. Where are you seeing that whites are disappearing?

Re:

[Z00L00K]

Well, I'd worry less about that than an coordinated attack on a number of main transformer stations. OK, it takes a bit more to "kill" a transformer, but a few .50 caliber full metal jacket rounds would make enough of a mess to render it out of service.

It will take a few days to re-erect a tower, it takes a lot longer to replace a destroyed major transformer.

Re:

[Ralph Wiggam]

The US military has a bomb designed to be used against transformer stations. Instead of explosives, the case is packed with spools of thin strips of aluminum foil.

It makes it look like the place was vandalized by teenagers, using foil instead of toilet paper.

Re:

[davester666]

Um, did you research the incident he mentioned?

One small part of the grid failed, and that had a cascading effect on the surrounding parts of the grid, and the result was a problem WAY bigger than what most anybody in the power industry would publicly admit to being possible from the original event.

Re:

[Z00L00K]

Compare the time to rebuild the net from that event to the time it takes to manufacture a new transformer and having it delivered. Each site contains maybe 2 to 3 such transformers that are custom built. Downtime can be a year for that transformer station. Locate some more sites and you can cause a severe situation where you have problems to manufacture the transformers and then to transport them because - no power to run machinery and refineries for fuel to the transport vehicles.

It would make the northeas

Re:

[LifesABeach]

You know, if each structure that required electrciy was using Solar, and or Wind; the ability to reek havoc on electrcity use would be greatly reduced.

Re:

[bjwest]

Yeah, the buildings in Seattle could certainly use solar and wind to generate all the power they need.

Or are you suggesting the whole country move to the desert and mountain areas?

Re:

[LifesABeach]

That's why God invented the "extension chord," Also, you might want to check out Germany's power grid. Just a thought, you might want to divest you energy stocks; there's a new breed of solar panels coming out, and they're cheap to produce, and install.

Re:

[bjwest]

I fully understand that, however the parent was talking of doing away with the "extension cord" and have each structure generate it's own power via solar or wind. The only way to do that with todays energy storage capabilities, would be to abandon all cities not in a desert or mountain area where solar and wind power are prevalent.

You mean like ...

[Anonymous Coward]

You mean like the big giant blackout a decade or so ago where most of the eastern seaboard went dark?

And they immediately blamed Canada despite it being their own incompetence at running an electrical system and this being known faults they were too stupid/lazy/cheap to correct?

More so the IoT is going to be a disaster

[hsmith]

[Besides Snowden] The largest data breach in recent memory was due to an internet connected HVAC system at Target. The electrical grid is a small sliver of the equation, the next decade is going to be a massive shit show.

Cyber is easy, EMP is possible

[gurps_npc]

Cyber is easy - simply no direct connect to the internet. Anything less is effectively nothing. Anything more is not needed.

If you have data that you absolutely positively must have accessible via the internet, set up a dial and point an internet connected camera at the dial.

EMP pulse is not hard - we know the basics of shielding.

Sabotage and weather are however not easily defensible. No matter what we do, we can't provide complete protection, but we can do pretty well.

Re:

[gurps_npc]

Oh, one more thing, some people told me that 'hacking' does not have to happen over the internet. That is true, but at the heart that is just another version of sabotage - when you stop people from physically accessing the plant, you also stop the non-internet based hacking.

Re:

[Charliemopps]

EMP pulse is not hard - we know the basics of shielding.

The entire US electrical power grid is unshielded. Every single one of those wires is a direct conductive link into every electronic device in America. You would need to shield those lines to prevent EMP damage. On top of that, the amount of shielding required to prevent a decent EMP is huge. They tried putting it on Ragens airforce 1 in the 80s and it made the jet so heavy it couldn't take off. I think they eventually figured it out, but the point is, it was not an easy task.

Re:

[mdsolar]

Seems like this project would help: http://westfaironline.com/6503... [westfaironline.com]

Re:

[Charliemopps]

I think you have a fundamental misunderstanding how EMP's work on electronics, large circuits (Transformers, power lines, generators, etc) are virtually unaffected by EMP's as the additional voltage introduced is insignificant compared to their operating voltage. The issue is very small electronics that are susceptible to even the smallest change in their voltage input. The only way that these larger systems are effected is if they have control systems that utilize computer chips. As long as you shield the IC chips (the chips physically and regulate the voltages being supplied to them) everything else (transistors, resistors, transformers, batteries, etc) usually doesn't need any form of shielding.

Sorry, you've been mus-informed.
http://www.nasa.gov/topics/ear... [nasa.gov]
Canada has power outages all the time as a result of Solar Flares (basically natural EMPs) The pulse hits the grid everywhere at once creating a spike in voltage that affects everything attached to the grid. Because Canada is tilted more towards the sun than we are, they are more susceptible.

Re:

[Anonymous Coward]

That's a geomagnetic storm, which is a completely different phenomenon from EMP's (Electromagnetic PULSE). Geomagnetic storms DO effect large distributed power networks (by imparting large additional charges to hundreds of miles of wire), but have little if any effect on small electronics (at least those not connected to the large power networks). While they can cause damage they have to be unusually large, the largest in modern history, the March 1989 geomagnetic storm which effected Canada (an X15), was

Re:

[n1ywb]

Because Canada is tilted more towards the sun than we are, they are more susceptible.

O_o

Canada is tilted about as far away from the sun as populated areas on earth get. http://en.wikipedia.org/wiki/T... [wikipedia.org]

Canada is more susceptible because they are closer to the north pole where charged solar particles are drawn in by the earth's magnetic field. http://en.wikipedia.org/wiki/A... [wikipedia.org]

Re:

[account_deleted]

Comment removed based on user account deletion

Re:air gaps

[mlts]

Nothing is 100%, but an air gap will force a black hat to either get someone physically on site, do some social engineering, or find someone that they can control to do their work for them.

By keeping stuff off the Internet, either air gapping or having a separate network with tightly controlled access points (or perhaps even something like a data diode [1]), it blocks all but the most well-heeled attackers, and big firms/governments are well adapted to deal with physical threats far more than stuff coming via the Internet.

[1]: I've taken two machines, each on a different network, plugged in a serial cable with one of the lines cut (so bits only moved one way), then used syslog on the secure network, and redirecting the port's output to a file on the insecure network. This wasn't fast, but it got data to people who needed it, while keeping stuff on the secure side off the Internet unless someone physically accessed it. A true data diode does the same thing, except faster... however expensive. As a hack, a dedicated line-level Ethernet tap might be something to be used because the computer plugged into the mirrored port will be unable to change or reply to the network stream coming from the secure side.

Re:

[roc97007]

> Cyber is easy - simply no direct connect to the internet. Anything less is effectively nothing. Anything more is not needed.

From a purely electronic standpoint, true. But you also have to maintain a fairly high degree of physical security. Just one example: If you work in an office building, note that janitors have keys to everywhere, even the CEOs office. I know, many companies require a background check for janitors, but many don't.

Re:Cyber is easy, EMP is possible

[judoguy]

Cyber is easy - simply no direct connect to the internet. Anything less is effectively nothing. Anything more is not needed.

Not that easy. I worked for a company that did just that. Air gapped completely. We sneaker netted the web orders, etc. back and forth between the internal system and the outside world. Huge pain in the ass, but secure.

When we had to be certified as PCI compliant by our auditors, they wouldn't. Said that the air gap was a security risk! Made us connect and go through the hoops with more firewalls, et al., to be certified so we could stay in business.

I will NEVER believe that they are more secure now than before. We checked the sneakernet data for SQL injection, ran AV, limited removable media to a few trusted and audited employees and so forth. But in the end, we had to get that PCI cert or our bank would refuse to do business with us.

INL working on these issues.

[Mr D from 63]

They have some pretty sharp folks working on grid security at INL. While I've seen some disturbing government R&D waste in many areas, this is actually one where I have been highly impressed.

Meanwhile, the US grid has been quite reliable overall throughout the years, and the few major events that have caused large disturbances have been analyzed in detail so the preventative measures can be taken.

Re:

[HornWumpus]

Cascade failures always come down to the same thing. Insufficient spinning/ready reserves. We know how to fix it. But it's cheaper just to let it fall over once every 20 years.

Re:

[Mr D from 63]

Good Point. INL only working on the data/security end of things. FERC and NERC are the ones responsible for the reserve aspects of reliability.

Re:

[HornWumpus]

Convincing folks that the optimum power grid will have a measurable failure rate is the tough part. They don't get how much building/spinning for the hottest day of the year costs.

I know of no regions that don't have routine reserve violations every (or almost every) year.

Solar is helping in California

[mdsolar]

"Somebody ought hand renewable energy a cape and be done with it...." http://grist.org/news/solar-is... [grist.org]

Re:

[HornWumpus]

You don't actually believe that article means shit do you? Pure fluff.

Hint: When they stop writing those kinds of articles about solar it will have actually arrived.

You don't see articles saying 'Somebody ought to hand natural gas a cape', even though it's much truer then solar.

Re:

[mdsolar]

Robert Weisenmiller, chairman of the California Energy Commission, actually seems to be an expert, When you disagree with all the experts, perhaps what you need is to go back to school.

Re:

[HornWumpus]

Do you know what the the California Energy Commission is? Know it's history?

If you did, you would not have made the above statement. It's a bunch of politicians that go around interfering with things they don't understand.

Re:

[mdsolar]

"Weisenmiller holds a Doctorate in Chemistry and a Masters in Energy and Resources from University of California Berkeley and received his Bachelor of Science in Chemistry from Providence College." http://www.energy.ca.gov/commi... [ca.gov] You walked right into that one....

Re:

[HornWumpus]

No engineering degrees. Unqualified political appointee, same as the rest of the commission. Bet the masters is an MA.

'Energy and Resources'? Guarantee that's a liberal arts program.

Re:

[mdsolar]

Engineering degrees are usually masters and don't involve original work. The Chem PhD is a better qualification.

Re:

[Ranbot]

My first thought was a better protection of the electric grid would be for more reserves/back-ups/redundancies. I imagine it's very expensive and difficult to protect a nationwide against EVERY form of attack, but creating back-up and support infrastructure to get the power back on quickly would make ANY attack useless, or at least reduce it's effectiveness. Not that I think it's cheap to back-up our entire electrical infrastructure either, but it would seem to be the most effective defensive and has the ad

Re:

[HornWumpus]

How much would you be willing to pay to reduce you grid downtime from 3-4 hours/year to 0.3-0.4?

At some point, you accept that nothing is perfect and attempting to reach perfection costs potentially infinite money.

Re:

[Ranbot]

I don't know. But I do know that lost profits and tax revenues by businesses in a widespread power outage can be considerable, and for major metro areas can easily reach into the hundreds of thousands of dollars lost per event. I'm sure someone smarter than me could look at a region of the grid and calculate the expense of upgrades vs the cost of every profit-generating business losing productivity with some additional fudge factors for less tangible effects on higher risk populations at hospitals, nursing

Re:

[tverbeek]

The US grid is "quite reliable"... by third-world standards. I live in a city of a quarter million, and my power goes out for 4-24 hours at least 3 or 4 times a year. Every thunderstorm that blows through leaves me wondering if I'm going to get to test the UPSes on my home servers again that day.

Re:

[Mr D from 63]

There are certainly certain areas where service is unreliable for a variety of reasons. But overall, your experience is on the worst end and does not reflect the grid as a whole, which, despite some local distribution issues, probably was still quite intact in your general area during most of those disturbances. I live in a rural area, I think my power may have been out for a total of an hour for the past four or five years.

Re:

[Cragen]

Wish you were correct. I live in the western part of Fairfax County, Virginia. We lose power for 1-4 hours about every 6 months and for over 24 hours about once every 2 - 3 years. (During one outage, very early in the morning, I decided to go to the local donut shop for coffee and donuts. As I was leaving my neighborhood, I realized that the outage was only about 3 blocks square with my house near the "epicenter". It could be ME that's causing all these power problems. :P)

Re:

[Mr D from 63]

3 blocks square is what I would call a local distribution issue, and hardly a grid issue. Your local power company needs to do a better job, be it keeping trees off the local distributions lines or whatever else the problem is.

Re:

[HornWumpus]

Local distribution outages are completely different from grid failures. Get your utility to spend more money on tree trimming.

Re:

[Obfuscant]

The US grid is "quite reliable"... by third-world standards. I live in a city of a quarter million, and my power goes out for 4-24 hours at least 3 or 4 times a year.

You think that's third-world? You mean the world where people go to neighbor's houses on a regular basis to recharge their cell phones because they don't have power themselves and the neighbor has a solar panel and a battery? And a large philanthropic effort makes headlines because it designs laptops that mesh network (to get around no network infrastructure) and have hand-cranks so they can charge the batteries?

I knew someone from India who told us about his house and that they shut the power to the whol

All electric grid control systems and networks...

[Anonymous Coward]

...keep them off the public Internet.
Anyone who connects these systems to the public Internet is a fucking retard.

Re:

[Hotawa Hawk-eye]

What about the havoc an extremely large nuclear device [wikipedia.org] could cause on the power grid? According to this other Wikipedia article [wikipedia.org], "In June 2013, a joint venture from researchers at Lloyd's of London and Atmospheric and Environmental Research (AER) in the United States used data from the Carrington Event to estimate the current cost of a similar event to the US at $0.6-2.6 trillion." To put that in perspective, the 2005 United States budget request from President Bush was only $2.4 trillion and the 2013 budge

Re:

[Anonymous Coward]

Yep, I'm aware, just didn't bother to mention that because people will just say "Pfft, that could never happen!" Though, to be fair, scientists don't expect that we're in any danger of a CME causing widespred damage for at least the next decade.

The problem is, it is simple and relatively cheap to prevent an EMP from wiping out our electric grid, but it is very hard to restore it once it has been destroyed by an EMP. Only so many parts are available and the production just isn't there to restore a country of

Re:

[bobbied]

...keep them off the public Internet. Anyone who connects these systems to the public Internet is a fucking retard.

Ah, come on. Ever heard of VPN's? They go encrypted over the internet. Just use some reasonable equipment and keep your patches up to date.

Perhaps you mean... Not connected though unencrypted connections to the public internet...

But, most distribution companies DON'T allow this anyway. There might be one or two rural providers who still have dial-up equipment, but the big transmission line operators don't do this and I'd bet are not allowed to by their region's rules. These companies have to live up

Re:

[HornWumpus]

You would be shocked how transaction information is exchanged between transmission operators, generators, load serving utilities and the appropriate regulators.

Tags are exchanged over the public internet. However that is related to power trading, at the operations level it's all irrelevant.

OMG Terrahrists!

[Anonymous Coward]

There is an error in the summary. It should read "In this post-nine-eleven world, the Center for the Study of blah blah blah...."

Re:

[gstoddart]

Nebulus threats by a lobby group with a nebulus name rarely have anything to do with solving SPECIFIC problems.

It depends, if your 'specific' problem is getting funding for yourself by spreading FUD about the dangers ...

Re:

[bobbied]

Just one thing.. EMP, is pretty universal and long reaching. It can reach thousands of miles from ground zero. So even if the nuke was used only on military targets, there is going to be significant EMP induced for at least a few hundred miles.

Reinventing Fire

[mdsolar]

The book "Reinventing Fire" by Amory Lovins goes into detail in how to make the grid less vulnerable to inclement weather (including space weather). "Finally, letting distributed generators compete and interconnect fairly could nearly eliminate blackout risks by organizing the grid into local “microgrids” that normally interconnect but can stand alone at need (“islanding”). This resilient future, already demonstrated in about 20 experiments worldwide... " http://www.rmi.org/electricity [rmi.org]

Re:

[HornWumpus]

Wow. Some 'genius' says to fix the grid just make every region run independently. Why didn't anybody else think of that.

What a moron.

Re:

[Mr D from 63]

Lovins repetitively misses the underlying issues with his solutions. Just look up his Hypercar predictions, or backyard microturbines. Despite those laughers, he continues to be popular amongst the extreme greens simply by telling people what they want to hear.

Hypercar

[mdsolar]

Do you mean this BMW? http://www.rmi.org/winter_2014... [rmi.org]

Re:

[Mr D from 63]

not even close..... to the 130+ mpg Lovins completely botched not to mention the rate of adoption.

Re:

[mdsolar]

Ah, then you must mean the 313 miles per gallon Volkswagen XL1....

Re:

[Mr D from 63]

No, that is a plug in hybrid with 'theoretical" mpg not actual. Try again.

Re:

[Mr D from 63]

LOL, just saw this

"VW hasn’t decided, but any sticker price should exceed $120,000. "

Mass adoption right around the corner! LOL again.

Re:

[mdsolar]

Less that twice as much as a '68 camero.... These fiber body designs have some value.

Re:

[mdsolar]

I know you don't like to listen to what energy experts have to say. Would have helped with Katrina or Sandy though.

Re:

[HornWumpus]

You don't know what you're talking about. I _am_ a grid expert. I've forgotten more about the grid then Lovins knows.

He is of the category of cranks that believes 'If you just do what I say, ignoring costs, everything will be great!' Adults ignore him.

Re:

[mdsolar]

Maybe you should read the book, to help your memory....

Re:

[HornWumpus]

Why waste my time. I already know it is referenced by morons with no knowledge.

Try reading something that isn't telling you what you want to hear.

Re:

[mdsolar]

So, ignorance of the contents of an important work in the field you claim to be expert in supports that claim how? Is it a known unknown or an unknown unknown or a known by osmosis known? Here's some paint, and there is a corner. You know what to do.

Re:

[HornWumpus]

Important? LOL.

He's telling you what you want to hear. That is all.

Re:

[mdsolar]

Since you don't know what is in the book, we'll just have to consider you a clown.

Re:

[mdsolar]

Would you agree that natural gas is energy storage?

Re:

[HornWumpus]

Not a practical one. It's not energy dense enough.

Examine the problem of natural gas burn forecasting in the state of Florida. They have insufficient natural gas sources of their own, hence they have to forecast their burn by the amount of time it takes to deliver gas down the Southern Company pipeline. The further south you go, the earlier (and hence less accurate) their burn projections have to be. If they underestimate, they burn oil in their CTs (combustion turbines), if they overestimate they flare

Re:

[mdsolar]

You should have read the parent. It was about the UK.

Re:

[HornWumpus]

Natural gas is more energy dense in England? More store-able?

You do understand what a concrete example is?

Re:

[mdsolar]

http://en.wikipedia.org/wiki/R... [wikipedia.org]

Re:

[mdsolar]

Read the book. There are things being done about those issues.

Re:

[HiThere]

The microgrid idea is attractive, and would work. Unfortunately, it appears inherently more expensive and less efficient. This would make it an extremely hard sell. It also decreased central control, so the govt. wouldn't be attracted to it, even if they didn't actually put up roadblocks.

Re:

[mdsolar]

Lovins did find that large scale renewables with extra transmission were the least expensive option. But, we pay extra for resilience now such as it is, and building it into neighborhoods might turn out to be cost shifting rather than more expensive.

Oh no

[Anonymous Coward]

As we move closer to a world where almost every device is going to be connected to the Internet, how can we mitigate the onslaught of entirely new threats while we're not able to fend off even the most old of attacks?

This fetish to connect everything to the internet is just asinine.

It is not "cool". It is not innovative.

It is just complicating shit because you can and to make something old look new.

If you have critical systems connected to the Internet, you have made a serious design flaw.

Reading the article, it just looks like the industry is looking for grants, tax breaks, and some other poltical favors because TERRORISM!

If my power grid went out you what would happen? Nothing really. My Netflix Breaking Bad marathon

Re:

[blue9steel]

This fetish to connect everything to the internet is just asinine.

Perhaps, but we're moving towards a world of full connectivity of all devices and total internet coverage of all areas. The chance that these devices would be able to be reliably kept separate are pretty low. The most realistic option is to improve their security architecture to make them less vulnerable. Requiring third party security audits, two factor authentication and encrypted communications would go a long ways towards resolving the current issues.

Re:

[Darinbob]

These grids will be networked, but not connected to the internet. And we're already split into regions and hierarchies. There's a nationwide transmission network, and those guys are on the ball. Then there's a more regional distribution network. Then there's the local utilities.

Re:

[sinij]

With upcoming war on weather, they will still somehow find a way to feed the prison industry complex with taxpayer money.

The quicker the better

[flopsquad]

Though it almost always comes down to $$, there are certainly steps that can and should be taken immediately. A significant grid attack combined with a power plant attack could quickly put the affected metro/region into survivalist panic mode.

Bonus points if the security upgrade process provides a convenient vehicle to modernize for things like solar sell-back ("smart grid"). I've always thought that power should (ideally) be more like decentralized network traffic, able to rout around damage and not de

We should start

[Anonymous Coward]

We should start by burying all service cables. Period. Protect against terrorism, solar flares and EMP all in one go.

Infrastructure in the open

[SoupGuru]

Sure, securing the technology side of things is essential but delivering power to people requires most of your infrastructure to be left out in the open... much of it in remote areas and unattended. Quadruple factor authentication, 200 character passwords, and air gaps don't really matter when some guy with a .22 can bring your system down.

Vanadium flow battery.

[SuricouRaven]

Invest in the research. They can keep essential services and even small communities operating for days in isolation - plenty of time to get things repaired and reset. They are lower maintenance than generators, so you can put them everywhere.

Assume it isn't secure

[EmperorOfCanada]

The worst thing they can do is to secure it and then depend upon the security working. Thus the system should be designed so that if it is hacked every other Monday that it can survive. There have been a number of recent (last 20 years) events that have shown that single points of failure can have devastating effects. So make sure that if terrible things happen that a lesser grid can be maintained manually.

A great example of this would be a local grocery store chain's SAP system failed shortly before Christmas(some years ago). They were so dependant upon it that their ability to order stuff and manage inventory was pretty much non existent. So the store ended up looking like some kind of soviet grocery store where the only goods on the shelves were pretty much those that are managed by the distributors themselves; things like milk.

This grocery store hopefully has learned from this and now has some kind of manual backup plan where a store manager can actually phone in his orders and crudely manage the store's needs in the case of another serious computer outage.

The same with the grid. Ideally they set some sort of minimal functionality emergency plan whereby humans can crudely manage the system as opposed to a system that either works perfectly by computer or doesn't work at all.

But I worry far less about hackers and far more about system design failures and Carrington events.

US Government is the Biggest Attack Vector

[anorlunda]

If NSA has installed weaknesses and/or back doors into most commercial hardware and software globally, then everyone, Al Qaeda, as well as power companies, use the same stuff.

Ask any security manager. He'll tell you that we must assume that bad guys will eventually learn how to exploit those weaknesses and/or back doors, leaving us highly vulnerable to attack.

The Cyber Command wing of NSA has the responsibility to assure that they can successfully attack any enemy, any time. They can not know now who that future enemy might be. Therefore, the only way they can be assured of accomplishing that mission is to make sure that no computer, no IT operating anywhere on the planet is really secure. I fear that they are planting the seeds by which bad guys can attack the power grid in the future.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Expensive Effort

[Jim Sadler]

Frankly the expense of protecting long lines is prohibitive. A person with a tiny bit of knowledge can disrupt power lines with ease.. Most people who commit such acts are pretty stupid and will get caught but a few do understand how to do such thin gs who are not so stupid.. They could be big trouble for all of us. Train rails have the same issue. Lots of exposure in remote areas makes them an easy target. Drones could be a big help in this matter.

Open it up: "internet of electrical devices"

[Errol backfiring]

Design the grid in such a way that devices (solar generators, wind generators, storage like your hyped elecrical car) can plug on and off. Allow anyone to build his own grid. That way, you can easily detach your own local grid when the "Big Bad Grid" has been compromised. Off course, this means getting the control OUT of the hands of monopolistic companies and governments must somehow grow a facilitating mindset. Mind you, control is still necessary, but it does not need to come from technical dinosaurs.

Damned if you do and damned if you don't

[Benders]

If our Power grid a necessity? Of course, unless you really want to go back to the 1800s. But if you asked most Americans to live in that era they would die. Can the control of the grid be protected? Yes, but any control platform that you are not in the same room with, is vulnerable to someone gaining access to the controls. Can we protect against EMP? Yes, if we know exactly WHEN to turn of all the power to all devices in the EMP footprint area. Can we shield everything against EMP impact? Yes, but you don