Why We Need Microgrid Cybersecurity: The Threat is Real

Nov. 3, 2017
Security experts describe a cyber attack against the power grid as a form of asymmetrical warfare, the equivalent of destroying a society by cutting off delivery of food and water, healthcare, commerce, and communications. This is the first article in a Microgrid Knowledge series that explores why we need to focus on microgrid cybersecurity to protect the grid of the future.



Superstorm Sandy launched a wave of microgrid advocacy by revealing how easily wind and water could crush a major metropolitan power grid. Five years later, North America saw similar destruction with Hurricanes Harvey, Irma, and Maria. As devastating as these events were, none compare to the threat of a major cyber attack on the American electrical utility grid.

This new threat is worse because it often comes with less warning than acts of nature, offering little time to prepare. It carries the potential to take down larger swaths of the electricity system for longer periods of time because of the risk of cascading failures.

Security experts describe a cyber attack against the power grid as a form of asymmetrical warfare, the equivalent of destroying a society by cutting off delivery of food and water, healthcare, commerce, and communications. Contemporary economies run on electricity. Without electricity, they seize up.

“They can’t beat us in the air; they can’t beat us on the sea or ground. So they are going to go after us where we are vulnerable, and that is in protection of our infrastructure.” — William Anderson, a former Air Force assistant secretary and now a defense consultant who specializes in energy

As in all warfare, prevention is the first strategy. But beyond prevention, we must prepare for the worst. This means creating systems for rapid response, shelter for affected civilians, and protection of critical assets should hackers disrupt our power systems at the generation, distribution, or transmission levels.


Microgrids are increasingly part of that recovery plan because they can provide an electrified oasis during a power outage. Microgrids can power a community’s vital services – law enforcement; fire protection; medical care; distribution of water, food, and fuel; and communications. Some include a community center within their footprint, a shelter where the vulnerable can congregate to charge phones and connect with loved ones.

These islands of power are created by using utility disconnectable and standalone power sources, such as backup generators, spot generation, renewables, and batteries to power out-of-service utility lines. Microgrids take over power distribution during grid outages or voltage instability, or they can be set up as temporary or mobile power distribution in emergency scenarios.

Microgrid cybersecurity coming, but quickly enough?

Communities, hospitals, utilities, the military, and others have started building microgrids, but not fast enough. If a massive cyber attack knocked out a large section of the grid today, restoration likely would take months or years.

Navigant Research has identified 1,842 microgrid projects worldwide, many of which would protect critical services during grid outages, representing nearly 20 gigawatts (GW) of power production. To put that in perspective, the U.S. power grid generates 1,000 GW to serve our needs; New York City alone consumes 10 GW. We clearly must pursue cybersecure microgrids more quickly.

Meanwhile, one incident after another underscores the urgency of the cybersecurity risk. In December 2015, an attack in the Ukraine highlighted the vulnerability of power grids, not just in that country but across the developed world.

The Ukrainian grid was again attacked in December 2016. This time only a single substation was compromised. But the event was worrisome because attackers used a sophisticated cyber weapon nicknamed “Crash Override” that can easily be modified to attack a wide range of industrial facilities worldwide.

One month later, the Ukraine suffered another cyber attack, this one causing 225,000 people to lose power for several days. Three utilities were hacked, possibly by a hostile state or pro-government hacker agencies, such as “Sandworm” or “Electrum”. The outages were caused by coordinated, remote cyber intrusions, “probably following extensive reconnaissance of the victim networks,” as reported by the U.S. Department of Homeland Security.

More recently, we’ve seen that it’s not just computer code that makes infrastructure vulnerable. It turns out that hackers may have a much wider playing field.

For example, in Dallas, Texas, the city’s 156 outdoor tornado sirens simultaneously and unexpectedly went off in April when hackers manipulated tonal codes, not computer code, in a 10-year-old radio system. For 90 minutes – until operators manually switched them all off – the sirens blared an unmistakable alarm illuminating the exposed state of our critical infrastructure.

It also has become clear that cyberterrorists can rely on human behavior to inadvertently aid and abet their destructive intentions. The “WannaCry” ransomware attack, which affected 200,000 systems in 150 nations on May 12, 2017, occurred largely because computer users failed to follow proper computer hygiene practices, say security experts. By neglecting to update common Microsoft software with regularly offered security patches, they left the door open to malware.

But cybersecurity solutions aren’t always as simple as installing software updates. Utility operators and security experts worry about the possibility of hidden malicious code in the control systems managing the North American power grid. This complex electric network includes equipment from many parts of the world; the fear is that some of these components could contain ticking time bombs in the form of preset viruses or malware from hostile nations that are set to disrupt the grid at a later date.

Given the urgency of the situation, Microgrid Knowledge, in partnership with S&C Electric Company, has prepared this guide, “Microgrid Cybersecurity: Protecting and Building the Grid of the Future.” We offer this guide for download, free of charge, and encourage readers to circulate the report link widely.

In this guide, we explain how microgrids in general, and cybersecure microgrids in particular, offer protection during a cyber attack on our electric infrastructure.

Over the next few weeks, the Microgrid Knowledge Special Report series on microgrid cybersecurity will cover the following topics:

  • Grid Cyber Attacks: How is Our Electric System Vulnerable?

  • The Cybersecurity Value of Microgrid Islanding

  • How to Create a Cybersecure Microgrid and Protect the Macrogrid, Too

  • Microgrid Cybersecurity: Fighting Asymmetrical Warfare

  • First Cybersecure Microgrid Controller Installed by Midwestern Utility

The full report, “Microgrid Cybersecurity: Protecting and Building the Grid of the Future,” is downloadable free of charge courtesy of S&C Electric Co.

About the Author

Elisa Wood | Editor-in-Chief

Elisa Wood is the editor and founder of EnergyChangemakers.com. She is co-founder and former editor of Microgrid Knowledge.
