How The Feds Plan To Respond To A Hack On The Electric Grid

Experts have long warned that the nation’s power grid is potentially vulnerable to a cyberattack, with the Department of Energy saying that the grid faces “imminent danger” from potential digital sabotage.

Such attacks have already moved beyond the realm of science fiction, with Ukrainian officials alleging Russian hackers have been behind a series of attacks on Ukraine’s power grid, including one that caused an outage in Kiev in December and one that took down power for more than 225,000 customers the previous year.

Just this week, senators from both parties in the Senate energy subcommittee called for more federal assistance to the U.S. power sector in searching for digital vulnerabilities, and a new report from the Massachusetts Institute of Technology warned of hacking risks to internet-enabled systems used throughout the power grid.

Connecting geographically dispersed operating equipment to the internet has certainly made electricity generators and other industries far more efficient, “but it has also created dangerous vulnerabilities in the systems that keep the lights on and power the economy,” warned the report from MIT’s Computer Science and Artificial Intelligence Laboratory and Center for International Studies, which called for greater federal efforts to secure critical infrastructure.

And if such an attack causes a widespread blackout in the United States, it will take careful coordination by the affected electrical generating and distributing companies to bring power systems back online. Some power stations are better suited than others to being started without any external energy from the grid, and authorities might prioritize bringing power to certain other vital infrastructure as rapidly as possible.

Earlier this month, defense contractor BAE Systems announced that it has been awarded an $8.6 million contract from the Defense Advanced Research Projects Agency to develop tools to quickly isolate hacked systems from the internet—and quickly restore digital communication between power company systems so they can get back online after an attack.

“The first step is to isolate from the internet using several techniques that we are developing and at the same time provide alternate communication,” says Victor Firoiu, senior principal engineer and manager of communications and networking at BAE. “That’s mostly being done using ad hoc wireless radio networks that do not require any prior arrangements.”

Power company officials would likely first communicate by voice, using existing wireless tools or emergency capabilities provided by BAE, but ultimately their systems will need to exchange data to get back up and running, he says. In the 2015 Ukrainian hack, officials reportedly scrambled from plant to plant, manually flipping circuit breakers to restore power. Restoring the U.S. grid in the wake of an attack would be much more complicated.

“Once you get the different parties involved to agree and discuss the highest level of the plan, subsequent steps of the plan become quite technical and we need data communication,” Firoiu says.

That will require a variety of types of radio connections over different distances, from short-range tools similar to Wi-Fi to long-distance satellite uplinks, ideally all deployed within just a few hours. And each form of communication will need to be encrypted and secure against any further hacker attacks.

“There could be distances of tens or hundreds of miles—some larger operators actually have more than 1,000 miles across their territory,” says Firoiu. “In all these cases, we need to provide long-distance communication that has to be secure, reliable, and resilient.”

The project is part of DARPA’s Rapid Attack Detection, Isolation, and Characterization Systems, or RADICS, program, aimed at developing quick responses to digital attacks on the nation’s critical infrastructure. Firoiu says the project is expected to take four years to develop, though portions of the system could be ready sooner. The BAE Systems team plans to test portions of the system later this year as part of the GridEx power grid security exercise in November.

“We are going to use a simulation of the wireless radio network, but all the planning and all the upper-level software will be real,” says Firoiu.