Senior decision-makers come together to connect around strategies and business trends affecting utilities.


You need to be a member of Energy Central to access some features and content. Please or register to continue.


Grid Cybersecurity: The Threat Grows, Defenses Evolve

image credit: Photo of Morgan O’Brien - Credit: Anterix

By Llewellyn King

When tensions got white-hot between the United States and Iran over the assassination of Iranian general Qasem Soleimani, it was widely believed the U.S. electric utilities would bear the brunt of Iranian reprisals. The nation’s electric industry leaders spent anxious hours wondering where, when and how bad?

It did not happen, but the alarm was well-founded. It followed mounting concerns flagged last December by the National Infrastructure Advisory Council (NIAC) and followed by an equally alarming report this month from Dragos, a leading cybersecurity consultancy which issues a threat assessment annually.

The Dragos report predict a possible multi-pronged attack, striking at vulnerabilities in the utilities including those in the supply chain. Dragos identifies threats from attacker groups Magnallium and Xenotime. These have, according to Dragos, migrated from attacking oil and gas installations to electric utilities. It does not name countries.

Dragos states that the complete energy infrastructure is under attack and that the attacks are getting more sophisticated. A group identified by Dragos last year, Parasite, has been focusing on remote connectivity and virtual private networks as points of entry.

It is easy to read these warnings, and another by the Congressional Research Service, as announcing inevitable gloom. But a lot of people in and out of government are now centered on the cybersecurity problem. These include the departments, of Energy, Defense, Homeland Security and the intelligence agencies that prepare the counterattack capability.  

As attacks get more sophisticated and penetrating, so too do the defenses and the ability of the targets to “lockout” invaders. Defenses can also include hardening systems that are not involved in electricity production and distribution – communications, for example.

Morgan O’Brien is a legend in the telecommunications industry. He was the cofounder of Nextel, the company which gave the world cellphones. He now works in the utility space: His mission is to harden communications by providing private broadband networks that are independent of everything -- including the internet -- and will survive most disasters, natural and man-made.

O’Brien is president and CEO of Anterix, which offers secure broadband via the 900 MHz spectrum which it has acquired. He told me, “People do not have to use imagination to understand what may happen to them in the event of a wide-scale power outage. Who can forget watching the collapse of civilization within a day or two of Hurricane Katrina?”

The good news, according to O’Brien, “is that progressive utilities and regulators are preparing for the worst by redesigning the architecture of the electric grid to pinpoint grid failures and in near real-time reroute power to isolate the failure, thus curtailing cascading power shutdowns.” 

The magic number for O’Brien is 1.4 seconds. That is how long he says it would take the electric utility to learn of a failure using one of his company’s private networks. So, if a power line fails, in almost real time the utility will know. Remediation or isolation can begin.

Most security is directed at protecting and isolating industrial controller systems (ICS), the computer-driven programmable devices that are at the heart of all industrial installations including utilities. But there are other vulnerabilities, not all to do with cyberattack.

The New York Times reported graphically last October on the failure of communications at Pacific Gas and Electric, the giant San Francisco-based utility beset by wildfires. Everything went wrong and the company lost its ability to tell its customers, including nursing homes and other essential users, when it was cutting off the power. Even the state emergency services could not reach the utility control room, while, to quote the Times, “chaos unspooled outside.”

How vulnerable is the grid? While no one will quantify the threat, everyone I have talked to says it is there and very real. Fixing and it keeping it ahead is part of the new need for an ever-evolving  infrastructure.

But as O’Brien says, “For sure, the grid is under attack daily by bad cyber-activists and is routinely hammered by weather phenomena. The doomsday scenario is plenty scary, but I’ll put my money on American technology and determination to keep the lights on.”

The enemy is out there in a hostile world, but the battlements are manned by old and new forces.

Llewellyn King is executive producer and host of “White House Chronicle” on PBS. His email is



Llewellyn King's picture

Thank Llewellyn for the Post!

Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.


Matt Chester's picture
Matt Chester on Jan 21, 2020 4:04 pm GMT

The magic number for O’Brien is 1.4 seconds. That is how long he says it would take the electric utility to learn of a failure using one of his company’s private networks. So, if a power line fails, in almost real time the utility will know. Remediation or isolation can begin.

That's pretty encouraging and is all thanks to the myriad of amazing digital tools that utilities have been implementing over the past 2+ decades. Hopefully they won't need to be seriously put to the test though. 

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »