Cyber Threat and Vulnerability Analysis of the U.S. Electric Sector

With utilities in the U.S. and around the world increasingly moving toward smart grid technology and other upgrades with inherent cyber vulnerabilities, correlative threats from malicious cyber attacks on the North American electric grid continue to grow in frequency and sophistication.

Power producers owners and operators understand that the effects of a coordinated cyber and physical attack on a utility’s operations would threaten electric system reliability and potentially result in large scale power outages.

Thanks but no thanks to the “sustainable” and “green” power producers like wind, solar and other heavily federal funded alternative sources!  Not only do they detract from the reliable power grid that consists of fossil fired plants and nuclear plants, but they wear down the physical grid system by causing power surges and negative supply periods… you know.. like when the sun doesn’t shine, and the wind doesn’t blow!

Here, in a nutshell, are the three key factors that line the United States of America…. up for a disaster of biblical proportions!

 Growth of networks and communication protocols used throughout ICS networks pose vulnerabilities that will continue to provide attack vectors that threat actors will seek to exploit for the foreseeable future. The interoperable technologies created for a shift toward a smart grid will continue to expand the cyber attack landscape.

 Threat actors on multiple fronts continue to seek to exploit cyber vulnerabilities in the U.S. electrical grid. Nation-states like Russia, China, and Iran and non-state actors, including foreign terrorist and hacktivist groups, pose varying threats to the power grid. A determined, well-funded, capable threat actor with the appropriate attack vector can succeed to varying levels depending on what defenses are in place.

 Utilities often lack full scope perspective of their cyber security posture. Total awareness of all vulnerabilities and threats at all times is improbable, but without enough cyber security staff and/or resources utilities often lack the capabilities to identify cyber assets and fully comprehend system and network architectures necessary for conducting cyber security assessments, monitoring.

All things considered, the reliability of our power production is shaky on its best day!  And who do we have to thank for this?  Federal overreach and unfettered spending programs that allow the government to pick winners and losers in the very life blood that we depend on every second, every minute and every hour of the day!

Johnson Long