Next Target of Cyberattack: electric grids?

November 5, 2019

Image by H. Hach from Pixabay

On March 5th, 2019 "a Utah renewable energy developer [sPower] was hit by a first-of-its-kind cyberattack". This attack briefly disconnected wind and solar farms from the company's control center. The attack this company suffered is known as "denial of service" (DoS): the attackers send so many requests to the network that eventually it crashes and stops responding. The attackers were able to accomplish this by exploiting a well-known vulnerability in Cisco firewalls.

Although the "hackers did not cause any blackouts or generation outages," this was the first confirmed incidence of "interruptions of electrical system operations," according to Department of Energy records. Also, there was no evidence that the security breach affected other services or systems beyond the DoS. The company under attack confirmed that the interruptions had no impact on generation and did not cause electrical system separation.

This kind of attack on the power grid might not seem like a big deal, but it can intensify other problems. For example, in 2015, hackers attacked Ukraine's electrical grid. They also performed a DoS on the grid’s telephone service, aiming to impede recovery. If communications are affected during high energy demand periods, this could lead to a generation gap affecting an entire city. "Based on DOE grid disturbance records," communications interruptions are relatively frequent for wind and solar projects and they "rarely lead to blackouts." Renewable energy plants are not designed to stop feeding the network if communications are lost.

Source: First-of-a-kind U.S. grid cyberattack hit wind, solar (Blake Sobczak, E&E News reporter)