Return to

April 17, 2014
Notes from the Pentagon

U.S. power grid defenseless from physical and cyber attacks
The U.S. electrical power grid is vulnerable to cyber and physical attacks that could cause devastating disruptions throughout the country, federal and industry officials told Congress recently.

Gerry Cauley, president of the North American Electric Reliability Corp., said that several — if not all — other critical U.S. infrastructures depend on electricity, and that he is “deeply concerned” about attacks, extreme weather and equipment failures causing power outages.

“I am most concerned about coordinated physical and cyber attacks intended to disable elements of the power grid or deny electricity to specific targets, such as government or business centers, military installations, or other infrastructures,” Mr. Cauley told the Senate Energy and Natural Resources Committee last Thursday.

Mr. Cauley said the April 2013 attack on a California electrical power substation by unidentified gunmen did not result in power outages, but highlighted the vulnerability of the country’s three-sector power grid.

The incident at the Metcalf substation in Northern California “demonstrates that attacks are possible and have the potential to cause significant damage to assets and disrupt customer service,” he said.

Cheryl A. LaFleur, acting chairman of the Federal Energy Regulatory Commission who testified at the Senate hearing, said the Metcalf attack led federal authorities to conduct a 13-city campaign to warn utilities about the need for better security.

Ms. LaFleur said cyber threats to electrical infrastructure are “fast-changing,” as she called for better information-sharing about threats between government and industry.

Sue Kelly, head of the American Public Power Association of more than 2,000 U.S. electric utilities, testified about the growing danger of cyberattacks against the power grid.

“The threat of cyberattack is relatively new compared to long-known physical threats, but an attack with operational consequences could occur and cause disruptions in the flow of power if malicious actors are able to hack into the data and control systems used to operate our electric generation and transmission infrastructure,” Ms. Kelly said.

To date, security measures have prevented a successful cyberattack on the bulk electric system, she said.

An Energy Department-sponsored study published last fall said the U.S. power grid is vulnerable to catastrophic disruption by nation states like China and North Korea, terrorist groups like al Qaeda, and non-state criminals.

The 269-page study “Electric Sector Failure Scenarios and Impact Analyses” was published in September by the National Electric Sector Cybersecurity Organization Resource, a non-government group of industry and security specialists.

A malicious software cyberattack on the power grid’s Distributed Energy Resource Management System (DERMS), which manages requests and commands for the power system, would damage transformers that are costly and difficult to replace.

Cyberattacks against computers that distribute electrical power over wide areas could be jammed or disrupted through wireless signals.

And cyber attackers could cause widespread power outages or cascading power failures by gaining access to distribution systems and equipment via remote hacking.

“After gaining the required access, the threat agent manufactures an artificial cascade through sequential tripping of select critical feeders and components, causing automated tripping of generation sources due to power and voltage fluctuations,” the report said. “A blackout of varying degree and potential equipment damage ensues.”

According to the report, nation state threats to the grid include China, North Korea and Cuba. Among the cyber terrorist threats listed: al Qaeda and the Afghan Taliban, the Pakistani group Lashkar-e-Taibi, and the Palestinian group Hamas. Domestic threats include “lone wolf” extremists, ecoterrorists among Earth First and Greenpeace, U.S. separatist groups, and militias and hate groups, the report said.

North Korea’s drug trafficking and currency counterfeiting have shifted from being government activities to using criminal surrogates and networks not directly linked to the regime, according to a new think tank report.

From the 1970s to the mid-2000s, North Korea used its diplomatic, intelligence and military officials to get hard currency illicitly by producing and trafficking heroin and methamphetamine, and counterfeiting high-quality $100 bills called “supernotes,” said the report by Sheena Chestnut Greitens, a senior fellow with the Brookings Institution Center for East Asia Policy Studies.

Since 2005, North Korean criminal activities have included drug trafficking mainly in China and South Korea that appears to show a decrease in regime control of the illegal trade, which produces tens of millions of dollars annually.

“No longer limited to elites, the drug trade and other illicit activities now encompass a broader swath of North Korean society than before,” the report said.

The report, “Illicit: North Korea’s Evolving Operations to Earn Hard Currency,” was published Tuesday by the Committee on Human Rights in North Korea.

It details North Korean criminal activities that for 40 years have included transnational drug smuggling, high-quality counterfeiting, selling parts of endangered species, and making and selling counterfeit goods that range from cigarettes to pharmaceuticals to brand-name watches.

North Korea has produced an estimated $2.8 million a year in counterfeit U.S. currency since 1989, the report says. Its endangered species trafficking has included sales of rhino horn and ivory worth tens of thousands of dollars per shipment.

Counterfeit cigarette production in North Korea has made cash from the sales of fake Chinese cigarettes, which can reap up to $4 million per shipping container.

The trafficking has been primarily to support “the Kim family regime’s need for hard currency,” a reference to the three-generation personality cult led first by communist founder Kim Il-sung, followed his son, Kim Jong-il, and now his grandson, Kim Jong-un.

“The activity also evolved in important ways over time, from a state-run operation using North Korean officials as couriers and traffickers to a more compartmentalized network in which North Korea concentrated on product and outsourced distribution to criminal organizations,” the report said. “Party, government, and military organizations, as well as elites, are allowed to run businesses and to make money as long as they make a sufficient offering to the leadership.”

North Korean defectors have said Pyongyang is continuing to produce supernotes, a process that is unlikely to be conducted by non-government actors, the report said. Drug trafficking appears to be increasing across North Korea’s border with China, and drug use has become a growing problem within North Korea, it said.

“From their inception, these illicit activities have been highly adaptive — in terms of products involved, manufacturing locations, shipment tactics, distribution partners and methods, financial infrastructure and regime role,” the report said.

  • Contact Bill Gertz at @BillGertz.

  • Return to