By Mark P. Mills, Senior Fellow
Electric grids have always been vulnerable to natural hazards and malicious physical attacks. Now the U.S. faces a new risk—cyberattacks—that could threaten public safety and greatly disrupt daily life.
Utility executives and other experts argue persuasively that U.S. grids, especially long-distance grids, are currently well secured. Yet the key issue is not today’s security but tomorrow’s. Here the risks are growing rapidly. The push for “greener” and “smarter” grids requires far greater grid-Internet connectivity to ensure the continuous delivery of electricity. These greener, smarter grids will involve a vast expansion of the Internet of Things that greatly increases the cyberattack surface available to malicious hackers and hostile nation-state entities.
Cyberattacks overall have been rising 60 percent annually for the past half-dozen years, and utilities are increasingly targeted. A Cisco study found that 70 percent of utility-security professionals say that they have experienced at least one security breach. For their part, federal and state governments genuflect to the goal of reliable, resilient, and affordable electric service. Yet comparatively trivial sums are directed at ensuring that grids are more secure, compared with the vast funding to promote, subsidize, and deploy green energy on grids.
The central challenge for U.S. utilities in the twenty-first century is to accommodate the conflict between political demands for more green energy and society’s demand for more reliable delivery of electricity. Greater grid cybersecurity in the future means that policymakers must rethink the deployment of green and smart grids until there are assurances that security technologies have caught up. While the government needs to improve its vital role in helping with cyber “situational awareness,” the private sector must lead the way in defending against cyberphysical threats that evolve and move at tech-sector—not bureaucratic—velocities.
To lay out the state of affairs and provide recommendations for sensible U.S. grid cybersecurity policies, this report examines:
- The forces that have made electricity far more critical than ever. The “information economy” is fundamentally electricity-dependent and is now a threefold bigger part of U.S. GDP than the oil-dependent transportation sector that dominated America’s economy in the twentieth century.
- The structure of America’s grids and the history of blackouts. Outages have become increasingly common. Lloyd’s estimates that the damage from worst-case outage scenarios from cyberattacks would range from nearly $250 billion to $1 trillion.
- The challenge of an “on-demand” economy that is escalating the peak demands for power. The twenty-first century’s unique— and widening—gap between average and peak energy demand is forecast to more than double in the coming decade, even as far more episodically available green-generating capacity is added to the grid.
- The new character and magnitude of cyberphysical threats. A recent report found an over 400 percent rise in 2015 in the number of times that hackers probed for vulnerabilities in cyberphysical systems, a.k.a. the “Internet of Things.” With security experts claiming that the “next Cold War has already begun—in cyberspace,” the key is to keep critical infrastructures, especially electricity, off the front lines.
- The skewed priorities in grid spending. During the past decade, wind and solar power, which cannot meet society’s 24/7 energy needs, accounted for over 75 percent of new generating capacity. In the same period, more than $150 billion in federal spending went to green- and smart-grid programs, while the U.S. Department of Energy spent $150 million on cybersecurity R&D.
- The state of grid cybersecurity today. Even as cybersecurity concerns are causing most other industries to integrate cautiously into the Internet of Things, policymakers—despite warnings from the U.S. Department of Homeland Security—are pressing electric utilities to accelerate grid integration with the Internet.
Nearly everyone is aware of the deep interconnectedness of electricity in every facet of daily life. Less well understood is the enormous size and complexity of America’s roughly $6 trillion electric utility system. Unlike in many countries, the U.S. electric utility system is not a single grid. Rather, it is a complex web of eight regional “supergrids” coupled with thousands of local grids that deliver 55 percent of all the energy that America uses for non-transportation purposes. Now, the U.S. electric utility system is on track to deliver an increasing share of the country’s transportation energy, too.
The August 2003 blackout that enveloped New York City and the Northeast—which put 50 million people in the dark for two days—inflicted $6 billion in damages. That outage was caused by a confluence of human and machine factors, as are so many disasters in complex systems. Nature, thus far, is the most common source of grid outages. In 2005, Hurricane Katrina left nearly 3 million without power for several days. In 2011, it was the lingering power blackouts that amplified the impacts from Hurricane Sandy—accounting for some 40 percent of the $50 billion in damages from that storm.
The second most dramatic takeaway from widespread outages—after their economic and social costs—are the heroic efforts and speed with which electric utility crews effect repairs and restoration. Utilities have long prepared for recovery: geographically widespread, complex systems have unavoidable exposure to natural events and statistical failure modes. In the wake of the 2003 blackout, a Carnegie Mellon University study estimated that a blackout of that level is likely every 25 years. In the meantime, smaller but still inconvenient outages—resulting from nature as well as other causes—are becoming more common.
But America’s electric sector faces two revolutionary changes. One is the emergence of so-called smart systems that promise vastly improved control and distribution of power across grid systems. The other is the pressure to add far more episodic (wind and solar) power sources that inherently require “smart systems” linked to the Internet.
Information and communications technologies (ICT) are now migrating from working mainly with information (i.e., the cyberworld) to an Internet of Things (IoT) that can also act directly in the physical world. This “cyberphysical” transformation holds the potential for greater efficiencies, convenience, reliability, safety, and predictability. For example, information systems are already very good at identifying and predicting road traffic and hazards, as well as informing drivers via maps and alerts. When that information is converted into a direct action as a cyberphysical system, one gets an “autonomous” (i.e., driverless) car.
Cyberphysical systems, however, bring a new class of risk; let’s call it “cyber carjacking.” In the summer of 2015, hackers remotely took over the steering and braking of a Jeep Cherokee (Figure 1). That wake-up episode led to a 1.4 million vehicle recall by Chrysler.
In pursuit of environmental aims, U.S. policymakers and regulators are rushing to improve energy efficiency and integrate episodic power sources—i.e., wind and solar—onto electric grids. This has involved pushing utilities and federal and state governments to spend tens of billions of dollars on smart-grid technologies. For everything from cars to aircraft to health care, regulators have emphasized a safety-first approach to technology. That has not been the case thus far with regard to ensuring the cybersecurity of America’s evolving electric grid.
This head-in-the-sand attitude may be slowly changing. The December 2015 hacker-caused blackout of Ukraine’s electric grid helped raise red flags, as did the discovery that, in 2016, Iranian hackers used a process called “Google dorking” to hack into a small New York dam’s control system.15 The Ukraine hack, ostensibly by Russia, used malware called “BlackEnergy” combined with other cyber and espionage tactics. Arguably the first wake-up call regarding the capabilities of cyberphysical attacks came in 2010, when the world learned of a clandestine project (ostensibly U.S.-Israeli) using the Stuxnet computer virus to severely damage the electrical infrastructure of Iran’s nuclear facilities.16
Last year, Lloyds Bank published a comprehensive study of worst-case scenarios “to bring awareness to the potential physical damage caused by cyberattacks against Operational Technology” and, in particular, “the U.S. power grid.” Lloyds noted that, while the scenarios considered were still “improbable,” they were nonetheless “technologically possible.”17 A worst-case multipronged, multiregional cyberattack causing widespread outages could inflict $243 billion–$1 trillion in total damage on the U.S. economy, Lloyds found.
Current electricity policies, as will be discussed in greater detail below, run the risk of creating the conditions for a perfect cyberstorm by prematurely pushing the Internet of Things onto grids to accommodate environmental goals—and doing so at a time of growing cyber capabilities of bad actors, and exactly when society is becoming increasingly dependent on electricity.
About the Manhattan Institute
The Manhattan Institute for Policy Research is a leading voice of free-market ideas, shaping political culture since our founding in 1977. Ideas that have changed the United States and its urban areas for the better—welfare reform, tort reform, proactive policing, and supply-side tax policies, among others—are the heart of MI’s legacy. While continuing with what is tried and true, we are constantly developing new ways of advancing our message in the battle of ideas.