US and Canadian power grids at risk of cyber attack

The power grids in the US and Canada may be at risk to cyber attacks, pandemics and electromagnetic disturbances, according to a report from the North American Electric Reliability Corporation (NERC).

The 118-page report called High-Impact, Low-Frequency Risk to the North American Bulk Power System gives the findings of NERC’s closed discussions with electricity providers and the US government. It states that there is a danger that if multiple key nodes in the power grid systems are damaged, destroyed, or “interrupted in a coordinated fashion” then standard protective measures may cease to apply, presenting a larger risk to the grids as a whole.

Cyber attack is seen as the highest risk to the power supply of Americans and Canadians, which NERC believes may be combined with physical attacks for added, complete devastation. Gerry Cauley, the CEO of NERC, revealed in a press conference that there is “suspicious activity” around control systems and said that proper protection protocols need to be put in place.

The report highlights the risk of adaptive attacks that might “manipulate assets” and mislead those who are trying to solve the problem. This would result in workers unwittingly carrying out the plans of the attackers as part of a much more elaborate scheme. This may sound like something from a movie, but NERC believes the threat is real and new detection tools are needed and that power grid controls need to be designed for survivability.

Part of the fix will involve a system of mitigation which will prioritise and protect key assets first and foremost to avoid a complete wipeout of the entire power supply. Specific details on what these kinds of protection systems would be have not been revealed, probably to ensure attackers do not use the information as part of their plans.

The effect of a cyber attack on power grids could be a minor problem that may affect a remote area, or it could be a catastrophe akin to what we saw in Die Hard 4. We might have thought it was all fiction, but clearly the big boys in charge are concerned.

NERC helpfully told us, when we got in contact, to look at its website.