Weird California Incident Last Year Points To The Real Threat To The Power Grid (Hint: It's Not Cyberattacks)
from the uncommon-common-sense dept
Via Bruce Schneier’s blog, we learn of the following intriguing story published in Foreign Policy:
Around 1:00 AM on April 16, at least one individual (possibly two) entered two different manholes at the PG&E Metcalf power substation, southeast of San Jose, and cut fiber cables in the area around the substation. That knocked out some local 911 services, landline service to the substation, and cell phone service in the area, a senior U.S. intelligence official told Foreign Policy. The intruder(s) then fired more than 100 rounds from what two officials described as a high-powered rifle at several transformers in the facility. Ten transformers were damaged in one area of the facility, and three transformer banks — or groups of transformers — were hit in another, according to a PG&E spokesman.
Oil then leaked from the transformers, causing them to overheat and shut down. However, there were no major power outages, and no long-term damage. The Foreign Policy post gives a good summary of what we do and don’t know, and is well worth reading in full. As Schneier comments:
The article worries that this might be a dry-run to some cyberwar-like attack, but that doesn’t make sense. But it’s just too complicated and weird to be a prank.
Anyone have any ideas?
Feel free to theorize in the comments about what happened last April. Absent further information, I’d like to focus here on the following perceptive analysis from the article:
At the very least, the attack points to an arguably overlooked physical threat to power facilities at a time when much of the U.S. intelligence community, Congress, and the electrical power industry is focused on the risk of cyber attacks. There has never been a confirmed power outage caused by a cyber attack in the United States. But the Obama administration has sought to promulgate cyber security standards that power facilities could use to minimize the risk of one.
This fixation on “cybersecurity” is something that Techdirt has been pointing out for a while. It seems largely driven by canny defense and security companies hungry for profitable contracts, which are able to take advantage of politicians intimidated by technology and worried about seeming “soft” on “cyberterror.” Kudos, then, to Jon Wellinghoff, the chairman of the Federal Energy Regulatory Commission, who seems to have more common sense than most of his colleagues:
A shooter “could get 200 yards away with a .22 rifle and take the whole thing out,” Wellinghoff said last month at a conference sponsored by Bloomberg. His proposed defense: A metal sheet that would block the transformer from view. “If you can’t see through the fence, you can’t figure out where to shoot anymore,” Wellinghoff said. Price tag? A “couple hundred bucks.” A lot cheaper than the billions the administration has spent in the past four years beefing up cyber security of critical infrastructure in the United States and on government computer networks.
Quite.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Filed Under: cybersecurity, physical security, power grid, security, threats
Comments on “Weird California Incident Last Year Points To The Real Threat To The Power Grid (Hint: It's Not Cyberattacks)”
Price tag? A “couple hundred bucks.”
And that’s why such sanity would never manage to be widespread in politics, it’s wicked hard to get good kick-backs and ‘future employment opportunities’ unless some company stands to make millions from a contract.
Re: Re:
A couple of hundred bucks for one facility. How many electrical transformer sites are there? The comparison is false.
I also doubt it would be “a couple hundred bucks” but more likely “a couple thousand bucks”, but a million sites at a thousand a site would still be significantly less than the cybersecurity money pit.
Re: Re: Re:
I doubt $200 would pay for the installation let alone a metal wall.
Re: Re: Re: Re:
Depends on what the ‘wall’ is supposed to do. For a sheet of metal thick enough, and installed securely enough to stop bullets, yeah, you’d probably be looking at at least a thousand between materials and installation.
However, what it sounded like from his comment:
His proposed defense: A metal sheet that would block the transformer from view. “If you can’t see through the fence, you can’t figure out where to shoot anymore,” Wellinghoff said.
… is that the sheet is only supposed to block the critical parts from view, so any potential shooter would have no easy way to target important pieces, and would either have to get past the sheet/fence, or just shoot blindly and hope they hit something important.
Re: Re: Re:2 Re:
A piece of metal just big enough to obscure me from view makes me an identifiable target, not a protected one.
Re: Re: Re:
Not only are you correct about the improper comparison, I would like to point out that anyone really serious about shutting down a facility like the one which was attacked could easily gather intelligence from an unmanned drone, and then attack it with, for example, bombs/grenades launched from a small truck-mounted catapult. Or even possibly just with small rockets designed to drop metal cables in the proper locations — no explosives necessary.
Spending money to defend against the chance of someone attacking would almost certainly not be cost-effective, however, unless the likelihood of such attacks would increase dramatically. How unfortunate that human psychology is irrationally biased towards favoring safety against vanishingly rare but dramatic risks and ignoring common, small ones (like having less money because electricity is more expensive).
Bucks
Why spend a couple hundred bucks when you can spend a couple billion?
Re: Bucks
More than likely, these “attacks” on PG&E infrastructure were by PG&E customers who could no longer pay their bills.
Take it from a PG&E customer – the real terror is when you receive the bill in the mail and open it.
While I agree that it would still be cheaper, we still need to compare the cost of all the substations, not just one. Plus that hundred bucks estimate doesn’t include labor and kickbacks.
Nearly the same point was made in the first comment of the slashdot discussion: http://hardware.slashdot.org/story/13/12/29/0118228/hearing-shows-how-military-style-raid-on-calif-power-station-spooks-us
Re: Re:
Even with those considerations it’d still be considerably cheaper, and more useful than the money they’re throwing at cyber security.
Re: Re: Re:
Except for the Representatives who have family in the cybersecurity business.
Re: Re:
Kickbacks? I think you misspelled “bribes”.
Have we reached the point where we have to start budgeting for outright bribes now? If so, then we really have become a second-rate nation.
Re: Re: Re:
Reminds me of the line in the movie with Jodie Foster, Contact, in which someone (I can’t remember who) asks ‘why have 1 when you can have 2 at twice the price?’ In other words, spend as much as possible and don’t worry about how much is wasted doing ridiculous tasks when a modest sum would do a better job! The companies involved can say ‘thanks’ in nice ways!
Space Pen?
The US spent millions inventing a pen that would work in zero gravity. The Russians used a pencil.
Re: Space Pen?
The Russians started buying the space pen a few years after it became available because pencils in space suck:
http://www.snopes.com/business/genius/spacepen.asp
http://en.wikipedia.org/wiki/Space_Pen
http://en.wikipedia.org/wiki/Writing_in_space
Re: Space Pen?
The US didn’t spend anything, let alone millions, developing the space pen. They spent nothing. The Fisher Pen company spent $1 million developing it. NASA bought the pens from them for $2.39 each.
Re: Re: Space Pen?
thank you, amateur mythbuster…
Re: Re: Re: Space Pen?
You can buy them from Fisher for $10.00 for a cheap one with $6.00 refills.
http://www.spacepen.com/
The average politician
The average politician or CEO of a major company is an absolute sucker for a canny salesman.
Strike
Well I’d say this is obviously a Harlequins/Travelers vs. IBM-um Tabula/Brethren type situation.
Panopticon disruption.
http://www.research.ibm.com/labs/almaden/
http://www.amazon.com/John-Twelve-Hawks/e/B001JS0JPS
The Reign of Terror is beginning...
So, somebody (read power consumers) should cough up millions of dollars to do “something” about an isolated incident. A little bit of risk assessment is in order before letting out the contracts for millions of dollars for cyber security or steel walls.
The power companies could/should evaluate their systems to see where there are any critical places and then determine how to secure them. The power grid is a very big distributed system that covers thousands of miles of power lines and remote substations. It would take a big coordinated effort to “take it out” unless a major junction could be hit. That type of effort would require a LOT of people to pull it off with very good coordination or a lot of very well coordinated timers that could be set to go off weeks in advance while somebody runs around the country putting lots of them in place.
So the big question is whether or not this is a one node trend or in reality an isolated incident (like an angry customer in another post).
Part of a terror campaign is to actually cause terror in people. Since this happened a year ago, it seems like calling it a “cyber terror” attack and spending a billion dollars to fix it seems like an overreaction.
NERC CIPC report
from: http://www.texasre.org/Lists/Calendar/Attachments/605/Item%204d%20-%20NERC%20CIPC%20Report%20to%20TRE%20MRC%20-%202013Jun14.pdf
Silicon Valley Area – Adjacent to City of San Jose, CA – Between US 101 and a 600 MW Calpine generating plant.
Communication vaults for two communications providers damaged prior to substation attack. AT&T first. Then Level 3 Communications. Fiber cut flush with conduit entrance to vault to make repairs more difficult. Team apparently brought ladders or ropes to access the Level 3 vault.
Although utility communications went through those vaults the utility has alternate communications paths through microwave communication links. Communications to substation was not interrupted.
911 communications affected by the communications interruptions. Communications cut off to closest three towns from AT&T cut. Generating plant communications cut off by Level 3 vault attack.
Fence alarm detection, cameras on fence line, card reader access through fence. Fence alarms triggered three times due to bullets hitting fence. Attackers never entered substation.
More than 120 – 7.62×39 rifle rounds fired at autotransformers. 10 of 11 – 500/230 kV transformers and 3 of 4 – 230/115 kV transformers damaged and taken out of service. Only energized transformers shot.
Shots fired primarily low on the radiators. > 51,000 gals of oil spilled. Transformers tripped due to high temperature or low oil as cooling lost. First alarms came in about one minute after first shots detected.
Appears to have been a team of multiple people not just one or two. Spotters, shooters, communications attack, etc.
There was a computing device in the same room as the attackers when they were planning the raid, therefore it was a cyber attack.
Weird California Incident Last Year Points To The Real Threat To The Power Grid (Hint: It's Not Cyberattacks)
This attack was orchestrated by the NSA to influence the US gov and public that terrorist groups were still active and attempting to implement attacks.
NSA
The key question is why the NSA with all their absolutely critical data collection wasn’t able to prevent this.
Re: NSA
apparently their “dots” were so numerous that when they connected them, they got a picture of an elephant in the room.
Re: NSA
You silly, because they used cutters and guns, not phones or the Internet. Stupid wire cutters and guns are not joined to the “Internet of Things” yet……..
Re: Re: NSA
Neither were 9/11 and Boston. I think he meant that there was no ‘intelligence’ of the planned activity, which doesn’t sound totally spontaneous.
I remember, while growing up, during the revolutionary days of the late 60s and early 70s that people would bomb the towers supporting long distance power transmission lines. My idea was to shoot cables over the lines with a crossbow to short them out. Not that I ever thought about doing that seriously. I am not even sure that would work. The, rather conservative, dad of a friend of mine in high school, who was a civil engineer, said that somehow allowing the pumps that pumped water from the Central Valley in California over the Tehachapi mountains to LA to run in reverse would destroy those pumps which would take weeks to repair. Nowadays, one may be able to do that via the Internet but you cannot ignore physical security. Cybersecurity is very sexy these days and the media loves to focus on it and the expert color commentators they use, who are probably likely to profit, find this a great way to stoke FUD.
I suspect whoever did this substation attack has similar motivations. The group that did this had some knowledge about the systems but not enough to show that it was some kind of insider attack. Four years ago, some fiber optic cables were cut nearby in San Jose cutting communications to parts of Silicon Valley and Santa Cruz County. That may have been an insider attack though (authorities still don’t know who or why). All the heavy equipment at Granite Rock’s Quail Hollow sand quarry in Santa Cruz county, CA was damaged when someone put a substance into the gas tanks which was very effective in destroying the engines. This happened, I think, last spring around the time of the substation attack.
We need to find out where these attackers are from and go invade a different country in that geographical region!
I’m William of Ockham, and my money is on the environmentalists.
I guess I misread the second amendment...
…I thought it guaranteed the right to arm bears. Now wandering groups of armed, hungry bears are attacking substations and mistaking humming transformers for gigantic hives full of bees and honey. BTW, bears don’t need no stinkin’ ropes or ladders to clamber around in vaults.
Getting paid to divert physical threats requires effort because physical threats are a real problem that do in fact exist and can happen and so there is work to be done to divert them.
Getting paid to divert a non-existing problem is cheap and easy so why not just lobby congress to pay you to divert non-existing problems. There is no work to be done because there is no problem in the first place.
I know what I’ll do. We are all going to get attacked by a bunch of unicorns from outer space tomorrow. Congress needs to pay me to defend against this threat.
Ideas for the attack
Were there any casinos nearby whose vaults were soon after emptied?
Let’s look at a few things
1. MOST utilities are very easy to disturb. If you understand how they are set up and distributed, it’s very easy to take sections DOWN.
2. What a propaganda experiment..(real or NOT)
3. Long ago, many services were looking at placing MOST of the service underground.. YOU STILL need access.. and if you don’t LOCK IT DOWN, it can be accessed.
Considering how the system is built..THESE persons, did some damage, and it DIDN’T AFFECT ANYONE?? I am TOTALLY amazed.
“Anyone have any ideas?”
Neo wanted to visit the Architect?
Shock Testing.
After all, it’s silly to depend on real terrorists to get the job done right, unless you train them yourself.
Failing the creation of a large war to distract the population from the activities of the Commercial Government of the USA, the only other possible route would be a huge “natural” disaster that killed hundreds of thousands and left millions homeless across the USA.
There’s a certain minimum limit to the level of an atrocity, or rather the public’s reaction to it, that makes it effective. If there’s too little damage, too few people die, the ruse might not work. This is why War is the favorite scam in these sorts of situations. Lot of damage and lots of death and lots of positive public response because we’re used to war and know what to expect and can quite readily switch our anger with the government for anger against the new foreign foe.
But massive homeland disasters are the next best thing.
Looks like at least one of these spooks in high places has read “Steal This Book”.
Theory: Disgruntled employee. Angry customer. Etc.