Across the United States, 3200 separate organizations own and operate electrical infrastructure. The widely dispersed nature of the nation’s electrical grid and associated control systems has a number of advantages, including a reduced risk that any single accident or attack could create a widespread failure from which it might take weeks to recover. Since the late 1990’s, however, cost pressures have driven the integration of conventional information technologies into these independent industrial control systems, resulting in a grid that is increasingly vulnerable to cyber-attack, either through direct connection to the Internet or via direct interfaces to utility IT systems.
A substantial and prolonged disruption of electric power would have profound economic and human costs for the United States. A prolonged outage across 15 states and Washington, D.C., according to the University of Cambridge and insurer Lloyd’s of London, would leave 93 million people in darkness, cost the economy hundreds of millions of dollars and cause a surge in fatalities at hospitals.
“If a well-coordinated cyberattack on the nation’s power grid were to occur today, the time it would take to restore power would pose daunting national security challenges,” said John Everett, DARPA program manager. “Beyond the severe domestic impacts, including economic and human costs, prolonged disruption of the grid would hamper military mobilization and logistics, impairing the government’s ability to project force or pursue solutions to international crises.”
The most chilling incidents to date are two cyberattack-induced blackouts in Ukraine—one in December 2015 and the next a year later in December 2016—that caused power outages for hundreds of thousands of residents in Kiev for a few hours each time. Both attacks are thought to have been perpetrated by Russian state-sponsored hackers. And though a similar incident hasn’t played out in the US so far, there is increasing evidence that various hacker groups have infiltrated US grid defenses. The Department of Homeland Security warned repeatedly this year that it has detected extensive Russian probing of the US grid.
Although utilities are increasingly focused on their cyber-defense needs, the process of identifying, purchasing and installing commercial host-defensive technologies across the industry may take many years. In an effort to address the cyber threat to the country’s electrical grid within a shorter time frame, DARPA released today a Broad Agency Announcement (BAA) detailing research aims for the early detection of cyber-attacks to power-grid infrastructure and seeking ways to reduce the time required to restore power.
DARPA launched the RADICS program in 2015 with objective to develop technologies for detecting and responding to cyberattacks on critical U.S. infrastructure, with an ultimate goal of enabling cyber and power engineers to restore electrical service within seven days in the event of a major attack. RADICS research is developing technology that cybersecurity personnel, power engineers, and first responders can utilize to accelerate restoration of cyber-impacted electrical systems.
The Defense Advanced Research Projects Agency (DARPA) organized a mass cyber resilience exercise on the US national power grid at Plum Island in Nov 2018. The scenario was that a digital strike took out one of two operational utility stations, and the other one was also under attack. A team of grid operators had to restore the power across the utilities and to the building deemed as a critical national asset. Moreover, the cyber security researchers assisting the grid operators had to use every piece of technology and know-how they had to ensure that utility stayed powered up, trustworthy and malware-free. As Nextgov reports, the exercise took place on Plum Island. A federal research facility off the north fork of Long Island, where DARPA researchers segregated a portion of the island on its own electric grid.
The Defense Advanced Research Projects Agency wants to integrate artificial intelligence in two of its programs aimed at addressing electric grid cybersecurity and getting ahead of 5G deployment. While leaving out the specifics of AI involvement, William Scherlis, director of the Information Innovation Office at DARPA, said the tech will be used in the Rapid Attack Detection, Isolation and Characterization Systems program, which is intended to recover power grid loss in case of a malware-caused full blackout. Scherlis further explained at an FCW AI workshop that the program will promote the development of new tech to accelerate power recovery.
IDST Monthly Access Membership Required
You must be a IDST Monthly Access member to access this content.