PNNL practices defense drill against cyber attack on grid

Annette Cary, Tri-City HeraldNovember 16, 2013 

Suggested cutline: PNNL Senior Cyber Research Scientist Phil Craig oversaw PNNLÕs collection of data from all of the approximately 200 organizations which participated in GridEx II across the country.

Pacific Northwest National Laboratory scientists practiced for a potential disaster that few people likely worry about last week -- a cyber attack on the nation's electric grid.

But such an attack has the potential to spread quickly across the nation's grid, disrupting power supply and crippling the ability to provide the basic and emergency goods and services on which the nation relies.

Operators could lose control over the distribution of electricity or the attack could cause a prolonged blackout.

"A local problem could at light speed become a regional problem, a state problem, a whole western side of the nation problem," said Phil Craig, a senior cyber security research scientist at Pacific Northwest National Laboratory in Richland.

The drill, called GridEx II, was the largest that has been held in the nation, allowing about 200 agencies, including PNNL, to participate from their normal workplaces and practice defending against a cyber attack on the nation's electric grid.

The drill also will provide information to assess how prepared the nation is for a cyber attack on the grid and the ability of public and private agencies to work together in a crisis.

It was organized by the North American Electric Reliability Corp., which is under the oversight of the Federal Regulatory Commission, following an initial and much smaller drill in 2011.

PNNL not only used the drill to test its own capabilities, but also to collect data about communication among the agencies participating in the drill for an assessment on how well the players were able to identify cyber security issues and how well they collaborated to make sure the attack did not spread, Craig said.

Among the scenarios was a breach of a single substation, originally thought to be a copper theft. Instead, a computer hacker had infiltrated the property to insert a flash drive into the control system to upload malicious software.

As the nation moves to a "smart grid," one where there is two-way communication to efficiently integrate the supply and demand for electricity, the risk of a cyber attack grows. With two-way communication between the electric system and a large number of devices located outside of utilities, the number of potential access points for attackers increases, according to information provided to the House Energy and Power Subcommittee by FERC in May 2011.

An attacker who gains cyber access to grid communication channels could order metering devices to disconnect customers or could order electric generation sources to turn off, causing instability and outages, according to FERC.

While the results of the drill are still being analyzed, Craig said it did confirm the ability of law enforcement agencies, from the Federal Bureau of Investigation to local law enforcement, to participate in solving problems for power companies.

"Exercises like this help strengthen relationships, improve crisis response plans and increase the flow of critical information to the electricity sector," said Brian Harrell, associate director of Critical Infrastructure Programs at the North American Electric Reliability Corp., in a statement.

-- Annette Cary: 582-1533;; Twitter: @HanfordNews

Tri-City Herald is pleased to provide this opportunity to share information, experiences and observations about what's in the news. Some of the comments may be reprinted elsewhere in the site or in the newspaper. We encourage lively, open debate on the issues of the day, and ask that you refrain from profanity, hate speech, personal comments and remarks that are off point. Thank you for taking the time to offer your thoughts.

Commenting FAQs | Terms of Service