Physical and Cyber Threats to the U.S. Energy Infrastructure
August 15th, 2023
Physical and cyberattacks on energy infrastructure are a huge challenge and a growing concern. Both types of attacks are expected to continue, so finding ways to secure the energy sector is a must.
Physical security of energy infrastructure involves several vulnerabilities, such as the vast network of sub-stations, transformers, transmission lines, and other elements of the energy grid that are accessible to trespassers or criminals who wish to cause damage. Similarly, cyberattacks can involve hackers who have the intent to disrupt operations and gain access to control systems or critical operational components, such as tap changers or transformers.
Physical Attacks on Energy Infrastructure
A report by the National Conference of State Legislatures says, “Malicious actors can pose a serious threat to the physical security and resilience of our energy system. From simple trespassing and acts of vandalism to more serious attacks on energy infrastructure with destructive devices, states need to be aware of and prepared for physical threats perpetrated by humans.”
In recent years, a considerable increase has been seen in physical attacks on the energy grid. The Department of Energy says that a 77% increase was recorded in 2022. Towards the end of last year, a series of physical attacks on the energy grid took place. According to the Pierce County Sheriff’s Department, three substations were “vandalized” on Christmas Day, which caused more than 14,000 outages on the Tacoma Power and Puget Sound Energy systems. Earlier that month, a firearms attack in North Carolina knocked out power, which affected about 45,000 Duke Energy Customers.
Cyberattacks on Energy Infrastructure
With the advancement in technology and the need to digitalize the grid, the energy sector has been becoming extremely vulnerable to cyberattacks. Although the attacks have been rising steadily, the year 2022 saw a record high for the number of cyberattacks that took place in one year.
Previously, in 2021, the Colonial Pipeline was a victim of a ransomware attack. It was shut down for several days because some of its digital systems had been infected. Consumers and airlines along the East Coast were affected by the shut down, and the attack was considered a national security threat.
The 2020 Homeland Threat Assessment by the Department of Homeland Security says that “China possesses an increasing ability to threaten and potentially disrupt U.S. critical infrastructure.” The assessment also mentioned that “While Russia and China are the most capable nation-state cyber adversaries, Iranian and North Korean cyber actors also pose a threat to U.S. systems, networks, and information. Iran continues to present a cyber espionage threat and is developing access in the Homeland that could be repurposed for destructive cyberattacks.”
The 2021 threat assessment from the Office of the Director of National Intelligence, reiterated this concern.
The Way Forward: Best Practices for Securing Energy Infrastructure
The Cybersecurity & Infrastructure Security Agency (CISA) has mentioned best practices for securing energy infrastructure in their ‘Sector Spotlight: Cyber-Physical Security Considerations for the Electricity Sub-Sector,’ as follows:
- Protect Networks
- Secure Vulnerable Infrastructure
- Formalize Collaboration across Organizational Security Functions
- Update Outdated Infrastructure and Technology
- Assess the Supply Chain – ensure effective supply chain management practices.
- Secure Connected Devices
For a detailed understanding of the above-mentioned practices, click here.
Disclaimer: Any opinions expressed in this blog do not necessarily reflect the opinions of Certrec. This content is meant for informational purposes only.