Austin, TX (PRWEB) January 21, 2014
In the midst of one of the nation’s coldest winters, a failure of the power grid as a result of a cyber attack could leave tens of millions of Americans facing the prospect of freezing to death. No heat, no communications -- in a frozen world with temperatures equal to those at the South Pole. Sound far-fetched? Not to experts who work to prevent just such a scenario from becoming a reality.
“There’s no doubt that a successful cyber attack on the North American power grid could cause widespread devastation. For those planning such as assault, the dead of winter would be the ideal time to launch it,” said Chris Humphreys, CEO of The Anfield Group, an Austin-based cybersecurity consultancy serving the electric industry. “We know the industry strives to implement adequate safeguards to prevent such a disaster, but there’s no way to tell for certain if we are fully prepared for such an attack. We know potential attackers are becoming more sophisticated. Obviously, cybersecurity is becoming a major priority at all levels of government and business.”
Humphreys said that just last month, an ice-storm knocked out electricity for 600,000 people in Canada and another 500,000 in mid-Michigan where it took nearly a week to get the lights and heat on again.
“That most-recent outage can be attributed to ‘natural causes,’ not a cyber attack,” Humphreys noted. “Just imagine how devastating a well-planned and executed attack on the a large part of the North American power grid could be -- especially if launched by a sophisticated adversary during polar vortex conditions.”
Experts can’t agree if such attacks have already occurred elsewhere. Some believe cyber attacks caused massive blackouts in Brazil in 2005, 2007 and 2009 -- including an incident that caused all the power to go out in neighboring Paraguay for 20 minutes. Others agree with the official Brazilian explanation that storms and lightning were to blame.
So why haven’t large scale cyber attacks been launched against power grids -- especially in the United States?
“Money may be the biggest factor,” Humphreys said. “International crime syndicates that may have or could obtain the tools necessary for carrying out a major attack on the North American power grid haven’t figured out a way to make a profit from such an attack. Banks and other high-profit targets are more appealing to them and carry a lower risk if caught.”
Humphreys explained that far more sophisticated organizations such as the Chinese military and other potential adversaries may simply be waiting for the ideal time to launch such an attack. The power grid is a particularly appealing target for them because unlike the military and government agencies where orders can be issued to improve cybersecurity, the power industry is privately-owned. As a result, the security of the power grid is based on voluntary compliance, cooperation and sound business practices
“It’s not all gloom and doom,” Humphreys said. “The industry isn’t waiting for legislation and regulation to protect it -- it is moving ahead with strategies designed to thwart cyber attacks. In just a few weeks, the National Institute of Standards and Technology will issue a framework for protecting the nation’s critical infrastructure from cyber attacks. This important development resulted from President Obama’s Executive Order on Cybersecurity. Plus, the North American Electric Reliability Corporation, the entity responsible for ensuring the reliability of the bulk power system in North America, has just issued the latest standards designed to protect the nation’s electric supply. It’s also still possible that Congress will provide meaningful legislation designed to protect the nation from cyber attacks.”
In the meantime, each time we turn up the heat in our homes, it would be appropriate to think of all the dedicated men and women who keep the North American power grid responsive and secure.