For the past two years, many industry observers have worried that we’re entering a new era of frequent and destructive attacks against the grid. Indeed, the numbers are concerning. In 2022, there were more attacks on the American grid than any other on record. 163 in 2022 vs 94 in 2020, to be specific. This could be a random aberration from the mean, but there’s reason to believe otherwise.
In January of 2022, the Department of Homeland Security warned of credible and specific plans to attack the grid by domestic terrorists, but didn’t get much into specifics.
Attacks on the country’s power grid have been frequent for a long time, but what makes these recent efforts noteworthy is their relative success. Historically, the vast majority of non-cyber grid infrastructure attacks have failed to cut power to many people.
That isn’t true of the most recent attacks. The North Carolina attack in December left around 45,000 people without electricity and the criminals still haven’t been found. A few weeks later, two men attacked substations in Washington state, leaving thousands without power and causing millions in damage. The PG&E substation bombing left around 1,000 without power, and got lots of media attention for how it was carried out and the man’s supposed racist motives.
The success of these recent attacks, along with Russia’s well publicized campaign against Ukraine’s grid, might very well be drawing the attention of bad actors to our grid. I hope I’m wrong, but this prognosis makes a lot of sense. The grid is a vulnerable target, with big transmission lines and the likes often being located in rural, out of the way places where they’re hard to guard. A small-scale rudimentary attack can cause big problems, as we’ve just seen. It’s low hanging fruit for nefarious actors.
Grid infrastructure has always been vulnerable, but now bad people know about it. I fear that we might be entering a phase of copycat grid vandalism. The copycat phenomenon in crime refers to the idea that certain types of crimes or behaviors can inspire or influence others to imitate them. This can occur through media coverage of a crime, as well as through personal connections or relationships with the perpetrator.
Luckily, recent advances in artificial intelligence could make it much easier to protect grid infrastructure without utilities vastly increasing their man power. New AI security collects mountains of data from things like sensors and cameras, both novel and preexisting, to detect anomalies and unauthorized access. Basically, it gets the utility security team closer to omnipresence, something that was once unimaginable because of the size of grid infrastructure.
While AI security systems are most exciting because of their potential for proactive prevention, they also represent a step forward in incident response and recovery. In the event of a security breach, there are systems that use RGB lighting and thermal imaging to alert security. What’s more, AI-powered systems use data to help security personnel prioritize their actions and resource allocation, as well as aid in the coordination with law enforcement. Together, all of this could greatly reduce response times to physical attacks on grid infrastructure.
Although AI-powered security tools are still in their infancy and can be pricey, they show promise in acting as a legitimate check against acts of grid vandalism and terrorism. No, they aren’t a silver bullet, but those are close to non-existent in security. A risk always exists, it’s a question of mitigating it as much as possible.