
How Vulnerable Is Wisconsin’s Power Grid?

State Officials, Companies Work To Stay Ahead Of Cyberattacks

By Maureen McCollum/WPR

It can be hard for people to appreciate cyberattacks. There aren’t burning buildings or flying bullets, but they cause major damage and are constantly happening. While many hackers try to gain access to personal information, some cyberterrorists are trying to infiltrate the power grid, with the ultimate goal of taking it down. In Wisconsin, state officials are working to prevent and respond to attacks on the power grid.

It’s quiet inside American Transmission Company’s operations center in Cottage Grove. And that’s a good thing. If bells and alarms were going off inside the NASA-like command center, that would mean something was wrong: a powerful storm knocked out a power line, a bird sparked a blackout, or a hacker launched a cyberattack, shutting down the electric grid.

ATC President and CEO Mike Rowe said his company and all electric utilities are constantly thinking ahead about the ever-evolving and relentless cyberattacks on the energy industry.

“We get thousands of hits every day. Most of those hits come from offshore,” he said. “We want to detect them. We have several layers and we want to stop them as soon as we can. If they ever do get through, we have plans in place to respond.”

A Persistent Threat

Protecting the grid is critical. If electricity goes down, all other infrastructure, like water, transportation, and communication, takes a hit.

Major energy corporations monitor and maintain their cybersecurity, while also working closely with state and federal agencies like the Department of Homeland Security, Department of Energy, and the FBI.

According to Byron Franz, an FBI special agent based in Milwaukee, his agency shares intelligence with companies like ATC, We Energies, or Alliant Energy if they detect someone trying to infiltrate the companies’ networks.

“The United States and the state of Wisconsin are constantly being bombarded by cyberattacks,” said Byron. “These are both from criminal perpetrators and possible nation state actors, all of which are trying in some way to get access to either potentially our electric grid or steal our trade secret technology to better their own domestic technology.”

Hackers can launch attacks many ways, like through phishing emails. All it takes is one unsuspecting employee to click on an attachment for malware to infect a system.

The state and companies are trying to teach their employees how to better spot a malicious email. At ATC, for example, the company sends out dummy phishing attacks to its own workers.

“If they happen to click on it, they get a visit,” said Rowe.

Planning for the Worst-Case Scenario

For security reasons, officials are hesitant to talk about specific threats. Have there been any major attacks in Wisconsin?

“I’m knocking on wood, no. But that doesn’t make me feel any better,” said David Cagigal with the state Department of Administration. “All that says is that we have measures in place for today’s attacks. What about tomorrow’s attacks?”

According to Cagigal, who serves as chief information officer for the agency’s Division of Enterprise Technology, Wisconsin can have the most state-of-the-art detection and defense software in place, but it won’t help if an attack succeeds.

Cagigal is trying to forge partnerships among state agencies and the private sector. For example, he wants to get the Department of Transportation talking with trucking companies and the Wisconsin Department of Financial Institutions talking with banks about how they’d work together and help after an attack and long-term outage.

“In the heat of chaos … I thought we witnessed it in Sandy Beach. I thought we witnessed it in Katrina. We forgo competitive actions when we’re in dire straits, where humanity is at stake and where we need to respond together,” Cagigal said.


Maj. Gen. Don Dunbar leads the Wisconsin National Guard. Maureen McCollum/WPR

The leader of the Wisconsin National Guard is thinking along similar lines.

“If the grid went down and it was long term, something catastrophic, it’s in my interest as the homeland security advisor and the adjutant general to make sure the state has thought through, ‘How do we help in that recovery?’” said Maj. Gen. Don Dunbar.

The Guard runs through exercises for so-called “black sky days,” the worst-case scenario of a long-term power outage. If an attack brought the grid down, they have plans in place for getting people food, water, and shelter.

The Weakest Links

But just how likely is it that a successful attack would occur?

“That’s a great question. I’ll tell you, I’ve been to events where very intelligent, gifted briefers have said that the grid is so resilient, that it’s very unlikely that it would ever crash,” said Dunbar. “I’ve been to events where very gifted intelligent briefers have said it’s as vulnerable as anything and it’s going to happen tomorrow.”

There are a few specific vulnerabilities in the electric system that have some people, like the state’s Cagigal, concerned. Infrastructure like power stations, water reservoirs, and rail systems is controlled by industrial control systems, or ICSs. The remote switches that control those systems have IP addresses, which means anyone who can reach them over the network could potentially hack or control them.

“At the end of this year, in 2016, 2017, 2018, we’re going to see an enormous amount of concern from anyone who’s talking about the infrastructure and its porous nature today,” said Cagigal. “We need to start plugging some holes.”

Cagigal and University of Wisconsin-Madison professor of power engineering Chris DeMarco point to the Target credit and debit card data breach in 2013. Reports show hackers were able to access the information through a remote HVAC system with Internet connectivity.

“Closing all points where people can cross over is extremely important,” said DeMarco. He was involved in UW research in the 1990s and early 2000s, coming up with worst-case scenario cyberattacks and solutions to them.

Since then, DeMarco said, the equipment that acts as the eyes and ears monitoring the grid has improved immensely, but he said more work needs to be done.

“I do think there is further work in the more advanced technologies of how you detect unusual patterns of behavior in the grid, what you might design differently in control strategies and the way hardware operates to protect.”