Hacking the Electrical Grid (Part 1)

Perhaps the recent blackouts in California, as well as the dangerously low reserve margins that ERCOT faced in Texas this summer, were timely opportunities to reflect on the sometimes precarious state of centralized grids. And even more pressing is the fact that everything is now digitally connected, making it harder to unplug from centralized sources. 

Central sources (like central grids) are powerful tools for connectivity, but they are prone to hacks and unethical manipulation. A hack could mean a blackout, just like that, for days on end. It could mean that automated manufacturing equipment is knocked offline or destroyed beyond repair, leading to costly interruptions in an already globalized supply chain, and it can mean a weaponized form of manipulation that adversely affects our daily lives.

We will provide an overview of how the electrical grid has been hacked in other countries, and how microgrids seem to be an invaluable asset for backup measures, just in case an electrical grid hack happens in Texas in the near future.

The ‘Sandworm’ Hackers

One of the most recent examples of electrical grid hacking is the attacks by the hacking group Sandworm. The group is well known for causing a blackout in Ukraine that left 250,000 people without power for 6 hours.

The Russian hackers in Sandworm did their damage by exploiting ‘back doors’ – entry points in vulnerable code – through malware attachments that allowed for surveillance and manipulation of everything from personal computers to machinery in large factories. Additionally, Sandworm was responsible for the most costly cyberattack in history – NotPetya.

Sandworm carried out NotPetya through ransomware, which usually means that a person’s network is targeted and loaded with malware that locks everything down on the affected device, with strict monetary demands (a ransom) required for its release. This particular ransomware didn’t hit just one or two devices, though: it hit entire networks in Ukraine, leading to 10 billion dollars in damages and affecting businesses like “Maersk, pharmaceutical giant Merck, FedEx’s European subsidiary TNT Express, French construction company Saint-Gobain, food producer Mondelēz, and manufacturer Reckitt Benckiser,” as WIRED states.

The scary part about the attack was just how fast the ransomware spread through all connected networks in the area and made their systems inactive. 

Because so many systems – ranging from dams to manufacturing plants to electrical grids – are connected to networks, all it takes is a vulnerability found in those systems to potentially take down a whole network. As Sandworm has shown in Ukraine, and as recent Chinese hacks that plundered U.S. intellectual property data have shown, education on the topic will only become more and more relevant.

Microgrids for Increased Security

Perhaps the best investment to make is in microgrids and increased flexibility for the grid. After all, microgrids are increasingly common in Texas and other states. Their presence would mean that, in the case of a large blackout induced by a cyber attack, there would be enough electricity to last until everything was brought back online.

Microgrids could exist on their own network – functioning as their own island, as it were – so they would not be affected by an electrical grid outage. This would be a difference maker in case of a hack on the scale of Sandworm, if directed at the U.S.