The need to protect the power grid is heating up just like the temperature outside. Millions across the U.S. have been affected by the extreme heatwave blanketing states from the west coast to the midwest onto the east coast. On top of that, wildfires have broken out in California and New Mexico, and hurricane season is projected to be one of the worst in history. While this all spells many concerns, for our purposes it means that the country’s energy grid needs to be more resilient than ever before. Add on the rising threat cyberattacks on these critical infrastructure networks play, and you have a perfect storm.
The Convergence of Weather and Cybersecurity
According to a study led by Johns Hopkins, the University of California, Berkeley, and the New York University (NYU) Center for Urban Science and Progress (CUSP), hackers are leveraging these weather trends to target energy systems when they are at their most vulnerable. Through carefully designed modeling, the researchers were able to summarize what would happen if such hackers were successful at committing this kind of timed cyberattack. The study, titled “Operational and economy-wide impacts of compound cyber-attacks and extreme weather events on electric power networks,” concluded that an attack carried out in the wake of a weather event increased the potential impact three times more than a “standalone” cyberattack. On top of that local economies could experience a 37% drop in economic activity if faced with a compound threat.
Initiatives to Protect the Grids
So, what do we do to shield electric grids from the risk of a weather and cybersecurity crisis? In January, The US Department of Energy (DOE) allocated $70 million to support research into technologies that would decrease energy infrastructure’s openness to hazards, including threats related to cyber, natural disasters, and climate change symptoms. Areas of concentration for the program ranged from cybersecurity research to “innovative solutions that will reduce the impact of climate effects on energy transmission and reliability,” as described in Smart Energy International.
More recently, the Energy Department’s cybersecurity office announced a guideline of cybersecurity best practices designed specifically for clean energy supply chains. Built around insight from energy, automation, and industrial control system professionals, the practices are aimed at both suppliers and end users. They include recommendations such as upholding vulnerability management processes, offering access to security patches and ensuring mutual understanding of cybersecurity tools and resources.
As these initiatives continue to unfold, it’s clear that they will have large challenges to address. Taking a holistic approach from research to manufacturing to integration into operations and beyond will be absolutely necessary.
Sources:
- “Record-breaking US heat wave scorches the Midwest and Northeast, bringing safety measures” – by John Seewer and Patrick Orsagos, Associated Press
https://apnews.com/article/us-extreme-heat-wave-45df289d7da2107b272a3839f5828e2f - “Double Trouble: When Weather Emergencies Meet Malicious Hackers” – Danielle McKenna, Johns Hopkins Whiting School of Engineering
https://engineering.jhu.edu/news/double-trouble-when-weather-emergencies-meet-malicious-hackers/ - “US DOE to fund resilience tech for energy infrastructure” – Smart Energy International
https://www.smart-energy.com/finance-investment/us-doe-to-fund-resilience-tech-for-energy-infrastructure/ - “Manufacturing cybersecurity at heart of new White House guidance” – Kate Magill, Manufacturing Dive
https://www.manufacturingdive.com/news/energy-department-cybersecurity-manufacturing-supply-chain-best-practices/719479/