Take comfort in the fact that it’s highly unlikely it would last that long. While a black start of the power grid is hard and long, for most areas it’s long on the scale of days, not months.
Low priority, read poor, places may be put for a weeks to a month or so, but the stores and cities probably won’t be. For all the author cites a vague cyberattack, nearly all of our core transmission infrastructure is primarily protected by dumb fuses and fail safe design.
The closest I can come up with for an attack that physically damages infrastructure would be some long running backdoor in a bunch of diffrent SCADA systems at various power plants being used to come up with specific lines of attack for each plant, and even that’s couldn’t get all of them. It’s also pretty unlikely, though admittedly not impossible.
If it makes you feel better, note that Ukraine has been dealing with constant cyber attacks on its grid by a nation state actor with a major cyber warfare program, as well as near constant missiles to anything on the grid that looks important or expensive, and has been able to by and large keep the core of the grid online, although admittedly it does have outside help in doing so.
While cyberattacks on SCADA systems can definitely be done, see stuxnet, they arn’t magic. Instead requireing specific exploits in specific versions of often not even internet connected software.
The grid isn’t all or nothing, so the remaining stations would be able to come back online and link back up in a few hours, and more and more customers would be brought online as generation capacity grew to match, prioritizing things like hospitals and shops.
All telecom stuff in the US designed for at least 72 hours without power, and a lot of it does have backup generators and plans to keep those fueled long term. Hospitals need to have a week of fuel on site, and again they have plans to get more in.
The reason why we don’t have a clear nationwide plan in case of cyberattack isn’t that no one’s thought of it, but rather that the reaction depends heavily on what plants are down and how long it will take to fix them, and we can’t know that in advance. Instead each local operation has its own maps, troubleshooting guides, and training on how to bring its parts back online. These people know how their shit works, what it does, and how to cobble together replacements for broken components.
To the last point: it is also a better plan to guard against a nationwide attack. If we regulate the cyberattack response of every plant in the same way, any weakness can be exploited in all of them instead of currently having to tailor an attack for each specific plant. We have a sort of extra layer of defense in the form of individualism.
SCADA attacks aren’t really necessary any more, those systems are (usually) locked down and obscure. The new hottness is smart home attacks!
If an attacker got control of one or more “smart” device networks they could geographically correlate devices and then cause local imbalances in the grid. Turning on all the vulnerable appliances in one area while turning them off somewhere else will cause HUGE transient currents as generation from the low use area is sent to the high use area. Just as things are about to stabilize you reverse the whole thing. If the attack is kept up for long enough or the shifting load is big enough damage could be done to the transformers and lines that tie one area to another and eventually generating equipment will have to be taken offline until thing’s settle down.
If the attacker is really clever they could gently probe the grid with a small load change to figure out the rate at which it responds and then get it oscillating! A much smaller number of devices could be used to do that.
All residential use only comes to 21% of US electrical demand, and while 46% of that is in the form of increasing internet connected heating and air conditioning, most such systems compressor motors have protections to prevent short cycleing, albeit mostly in software. Your also never going to be able to control them on anything approaching grid frequency, with most of them taking seconds to react even if you could sync time between them that accurately. I think you may be underestimating the amount of inertia in the grid, especially that of industrial customers.
It’s also worth noting that grid operators are going to notice such an attack very quickly, and can again temporarily shed load in the most vulnerable areas, cutting them off from the network.
Finally, sudden large spikes in transmission lines are indistinguishable from a ground fault to most contactors and grid protection devices, so most of them would shut down all on their own if they were close to overloading. Similarly, large transformers do have thermal cutoffs, and overheating them would be the main risk to them in such an attack, as unlike an EMP or lightning strike such an attack would be unable to spike grid voltage nearly high enough to lead to dielectric breakdown.
In the end, while I could see an nation state actor causeing an outage this way, I don’t see it keeping anyone but residental customers offline for more than a few hours. Even then the short term solution would be to get most of the people to disconnect their AC’s breaker if it’s acting up.
Highly disruptive and potentially fatal if done during the worst of winter yes, but to the point FEMA and the Military are staring to run out of MREs no.
Take comfort in the fact that it’s highly unlikely it would last that long. While a black start of the power grid is hard and long, for most areas it’s long on the scale of days, not months.
Low priority, read poor, places may be put for a weeks to a month or so, but the stores and cities probably won’t be. For all the author cites a vague cyberattack, nearly all of our core transmission infrastructure is primarily protected by dumb fuses and fail safe design.
The closest I can come up with for an attack that physically damages infrastructure would be some long running backdoor in a bunch of diffrent SCADA systems at various power plants being used to come up with specific lines of attack for each plant, and even that’s couldn’t get all of them. It’s also pretty unlikely, though admittedly not impossible.
If it makes you feel better, note that Ukraine has been dealing with constant cyber attacks on its grid by a nation state actor with a major cyber warfare program, as well as near constant missiles to anything on the grid that looks important or expensive, and has been able to by and large keep the core of the grid online, although admittedly it does have outside help in doing so.
While cyberattacks on SCADA systems can definitely be done, see stuxnet, they arn’t magic. Instead requireing specific exploits in specific versions of often not even internet connected software.
The grid isn’t all or nothing, so the remaining stations would be able to come back online and link back up in a few hours, and more and more customers would be brought online as generation capacity grew to match, prioritizing things like hospitals and shops.
All telecom stuff in the US designed for at least 72 hours without power, and a lot of it does have backup generators and plans to keep those fueled long term. Hospitals need to have a week of fuel on site, and again they have plans to get more in.
The reason why we don’t have a clear nationwide plan in case of cyberattack isn’t that no one’s thought of it, but rather that the reaction depends heavily on what plants are down and how long it will take to fix them, and we can’t know that in advance. Instead each local operation has its own maps, troubleshooting guides, and training on how to bring its parts back online. These people know how their shit works, what it does, and how to cobble together replacements for broken components.
To the last point: it is also a better plan to guard against a nationwide attack. If we regulate the cyberattack response of every plant in the same way, any weakness can be exploited in all of them instead of currently having to tailor an attack for each specific plant. We have a sort of extra layer of defense in the form of individualism.
SCADA attacks aren’t really necessary any more, those systems are (usually) locked down and obscure. The new hottness is smart home attacks!
If an attacker got control of one or more “smart” device networks they could geographically correlate devices and then cause local imbalances in the grid. Turning on all the vulnerable appliances in one area while turning them off somewhere else will cause HUGE transient currents as generation from the low use area is sent to the high use area. Just as things are about to stabilize you reverse the whole thing. If the attack is kept up for long enough or the shifting load is big enough damage could be done to the transformers and lines that tie one area to another and eventually generating equipment will have to be taken offline until thing’s settle down.
If the attacker is really clever they could gently probe the grid with a small load change to figure out the rate at which it responds and then get it oscillating! A much smaller number of devices could be used to do that.
All residential use only comes to 21% of US electrical demand, and while 46% of that is in the form of increasing internet connected heating and air conditioning, most such systems compressor motors have protections to prevent short cycleing, albeit mostly in software. Your also never going to be able to control them on anything approaching grid frequency, with most of them taking seconds to react even if you could sync time between them that accurately. I think you may be underestimating the amount of inertia in the grid, especially that of industrial customers.
It’s also worth noting that grid operators are going to notice such an attack very quickly, and can again temporarily shed load in the most vulnerable areas, cutting them off from the network.
Finally, sudden large spikes in transmission lines are indistinguishable from a ground fault to most contactors and grid protection devices, so most of them would shut down all on their own if they were close to overloading. Similarly, large transformers do have thermal cutoffs, and overheating them would be the main risk to them in such an attack, as unlike an EMP or lightning strike such an attack would be unable to spike grid voltage nearly high enough to lead to dielectric breakdown.
In the end, while I could see an nation state actor causeing an outage this way, I don’t see it keeping anyone but residental customers offline for more than a few hours. Even then the short term solution would be to get most of the people to disconnect their AC’s breaker if it’s acting up.
Highly disruptive and potentially fatal if done during the worst of winter yes, but to the point FEMA and the Military are staring to run out of MREs no.