After Alert On Russian Hacks, Bigger Push To Protect Power Grid Homeland Security and the FBI have blamed Russia for a series of cyberattacks on U.S. power plants. The industry is stepping up efforts to protect the electric grid.

After Alert On Russian Hacks, Bigger Push To Protect Power Grid

  • Download
  • <iframe src="https://www.npr.org/player/embed/602252391/604245318" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript

RACHEL MARTIN, HOST:

U.S. energy companies are on alert for cyberattacks. Earlier this week, American and British officials warned that Russian hackers are targeting global Internet equipment. Russian hackers have also been blamed for a series of hacks against American power plants. StateImpact Pennsylvania's Marie Cusick looks at how the industry is trying to make sure your power does not get shut off.

MARIE CUSICK, BYLINE: At the nation's largest grid operator, the report on the Russian attacks was no surprise.

TOM O'BRIEN: You will never stop people from trying to get into your systems.

CUSICK: Tom O'Brien works for PJM Interconnection. It serves 65 million people in the mid-Atlantic and Midwest.

O'BRIEN: The question is what controls do you have to not allow them to penetrate and how do you respond in the event that they actually do get into your system?

CUSICK: The constant threats are one reason why PJM has so many layers of security around its control center.

UNIDENTIFIED PERSON #1: You are going to use your red badge against that and card in. Excellent, come on in.

CUSICK: Recording equipment is banned. So the microphone is zipped into a bag and left at the security desk. Inside the control room, about 10 people are monitoring floor-to-ceiling displays showing real-time information from power plants. As one manager puts it, this is a highly orchestrated, 24/7 effort that goes unnoticed by most people. And that's the way they like it. But the industry definitely did take note two years ago when this happened.

(SOUNDBITE OF ARCHIVED RECORDING)

UNIDENTIFIED PERSON #2: The first known hacker-caused power outage has occurred. So thousands of people in the Ukraine left in the dark, literally.

CUSICK: Those attacks were widely blamed on Russia. O'Brien doesn't want to get into specifics about how PJM deals with cyberthreats, but one of the many lessons of the Ukraine attacks was a reminder to keep an eye out for odd communications.

O'BRIEN: A very large percentage of entry points to attacks are coming through email. And that's why PJM as well as many others have aggressive phishing campaigns, we're training our employees.

CUSICK: One way to limit exposure is by having separate systems. For example, industrial controls in a power plant aren't connected to corporate business networks. And since 2011, North American grid operators and government agencies have done large security exercises every two years with thousands of people practicing how they'd respond to a coordinated physical or cyber event. So far, nothing like that has happened. And it's not very likely, says Robert M. Lee. He's a former military intelligence analyst who runs his own cybersecurity firm called Dragos.

ROBERT M. LEE: The more complex the system, the harder it is to have a scalable attack.

CUSICK: Knocking out power to the entire East Coast for a week or a month would be very hard, he says. But briefly disrupting a major city is easier. That's what keeps him up at night.

LEE: I worry about an adversary getting into maybe Washington, D.C.'s, portion of the grid, taking down power for maybe 30 minutes.

CUSICK: The Department of Energy is trying to create a new office focused on cybersecurity and emergency response. But deterrence may be one reason why there has not yet been a major attack on the U.S. grid, says John MacWilliams. He's with Columbia University's Center on Global Energy Policy.

JOHN MACWILLIAMS: That's obviously an act of war, and we have the capability of responding either through cyber mechanisms or kinetic military.

CUSICK: In the meantime, small-scale incidents keep happening. This spring, another cyberattack targeted natural gas pipelines. Four companies shut down their computer systems just in case, but they say no service was disrupted. For NPR News, I'm Marie Cusick.

Copyright © 2018 NPR. All rights reserved. Visit our website terms of use and permissions pages at www.npr.org for further information.

NPR transcripts are created on a rush deadline by an NPR contractor. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.