New York City during a blackout in 2003. More than 150 companies and groups will take part in a drill that will simulate attacks on the power grid.
By MATTHEW L. WALD NY Times
Published: August 16, 2013
The electric grid, as government and private experts describe it, is the glass jaw of American industry. If an adversary lands a knockout blow, they fear, it could black out vast areas of the continent for weeks; interrupt supplies of water, gasoline, diesel fuel and fresh food; shut down communications; and create disruptions of a scale that was only hinted at by Hurricane Sandy and the attacks of Sept. 11.
This is why thousands of utility workers, business executives, National Guard officers, F.B.I. antiterrorism experts and officials from government agencies in the United States, Canada and Mexico are preparing for an emergency drill in November 2013that will simulate physical attacks and cyberattacks that could take down large sections of the power grid. They will practice for a crisis unlike anything the real grid has ever seen, and more than 150 companies and organizations have signed up to participate.
“This is different from a hurricane that hits X, Y and Z counties in the Southeast and they have a loss of power for three or four days,” said the official in charge of the drill, Brian M. Harrell of the North American Electric Reliability Corporation, known as NERC.
Brian Harrell is the Associate Director of Critical Infrastructure Protection (CIP) Programs for the North American Electric Reliability Corporation (NERC) joining NERC in August 2010. In this capacity he is responsible for managing ERO wide critical infrastructure protection standards initiatives and assist in the development of the overall CIP program strategy. Mr. Harrell has 17 years of experience in the security industry serving in organizations such as law enforcement, military, and corporate security, among others. Brian is formerly the Manager of Critical Infrastructure Protection for SERC Reliability Corporation where he oversaw all security and CIP reliability related matters for the Region. Prior to joining SERC, Brian was the Sector Security Specialist for the Infrastructure Security Compliance Division at the U.S.Department of Homeland Security (DHS). Brian specialized in securing high risk critical infrastructures and Continuity of Operations (COOP) for DHS. Brian also served in the US Marine Corps as an Anti-Terrorism and Force Protection Instructor. Brian has a MA from Central Michigan University and a BA from Hawaii Pacific University. He is also board certified in security management. He lives in Purcellville, Virginia with his wife Jenea and 3 kids. ]
One goal of the drill, called GridEx II, is to explore how governments would react as the loss of the grid crippled the supply chain for everyday necessities.
“If we fail at electricity, we’re going to fail miserably,” Curt Hébert, a former chairman of the Federal Energy Regulatory Commission, said at a recent conference held by the Bipartisan Policy Center.
Curt Hébert is a visiting scholar at the Bipartisan Policy Center [link overviews August 6, 2013 initiative with top speaker General Michael Hayden of the Chertoff Group] and partner with The Brunini Law Firm. He is the former CEO of Lexicon Strategy Group, LLC, a firm that focuses on policy and regulatory issues in the financial, energy and governmental sectors. Previously, Hébert was executive vice president at Entergy Corporation, where he supervised the company’s system regulatory efforts and strategies, system and federal government relations, environmental policy, external and internal communications, and corporate contribution functions. While at Entergy Hebert led the Hurricane Katrina regulatory/finance recovery after a $2 billion hit on the company and counts the recovery as the hallmark of his career, recovering over $600 million in federal relief and mitigating what otherwise would have increased the rate base for customers.
Hébert served four years in Washington as a presidential appointee to the Federal Energy Regulatory Commission. He was nominated to a Republican seat on FERC by President Clinton in 1997 and named chair by President Bush in January 2001. At 38 years of age, he became the youngest chairman in FERC's history. During Hébert’s tenure at FERC, he led efforts to restructure the electric utility and natural gas pipeline industries to promote competition. Hébert was also a commissioner and chairman of the Mississippi Public Service Commission and a leader of the Mississippi Legislature.
He earned his undergraduate degree from The University of Southern Mississippi, his juris doctorate from The Mississippi College School of Law and completed the Nuclear Reactor Technology Program at MIT. Hébert is a member of the Mississippi Bar.
[The Short Happy Life of Curt Hébert as FERC Chair:
Mr. Harrell said that previous exercises were based on the expectation that electricity “would be up and running relatively quick” after an attack.
Now, he said, the goal is to “educate the federal government on what their expectations should or shouldn’t be.” The industry held a smaller exercise two years ago in which 75 utilities, companies and agencies participated, but this one will be vastly expanded and will be carried out in a more anxious mood.
Most of the participants will join the exercise from their workplaces, with NERC, in Washington, announcing successive failures. One example, organizers say, is a substation break-in that officials initially think is an attempt to steal copper. But instead, the intruder uses a USB drive to upload a virus into a computer network.
The drill is part of a give-and-take in the past few years between the government and utilities that has exposed the difficulties of securing the electric system.
The grid is essential for almost everything, but it is mostly controlled by investor-owned companies or municipal or regional agencies. Ninety-nine percent of military facilities rely on commercial power, according to the White House.
The utilities play down their abilities, in comparison with the government’s. “They have the intelligence operation, the standing army, the three-letter agencies,” said Scott Aaronson, senior director of national security policy at the Edison Electric Institute, the trade association of investor-owned utilities. “We have the grid operations expertise.”
That expertise involves running 5,800 major power plants and 450,000 miles of high-voltage transmission lines, monitored and controlled by a staggering mix of devices installed over decades. Some utilities use their own antique computer protocols and are probably safe from hacking — what the industry calls “security through obscurity.”
But others rely on Windows-based control systems that are common to many industries. Some of them run on in-house networks, but computer security experts say they are not confident that all the connections to the public Internet have been discovered and secured. Many may be vulnerable to software — known as malware — that can disable the systems or destroy their ability to communicate, leaving their human operators blind about the positions of switches, the flows of current and other critical parameters. Experts say a sophisticated hacker could also damage hard-to-replace equipment.
In an effort to draw utilities and the government closer, the industry recently established the Electricity Sub-Sector Coordinating Council, made up of high-level executives, to meet with federal officials. The first session is next month.
All information posted on this web site is
the opinion of the author and is provided for educational purposes only.
It is not to be construed as medical advice. Only a licensed medical doctor
can legally offer medical advice in the United States. Consult the healer
of your choice for medical care and advice.