(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘The Grid’ Category

ASSESSMENT: Physical Attacks On Grid Infrastructure As Terrorism

with one comment

Screenshot from 2014-02-07 14:39:38

Physical Attacks on Grid Systems As Terrorism:

The fear of cyber attacks on the grid (or more to the point transformers and power stations) has been in the news cycle incessantly since Stuxnet made the news back in 2010. The fixation on the cyber world really has occluded the fact that the physical attacks against power systems are the easiest to carry out and often times occur not by attack per se but in reality are acts of nature like squirrels or tree branches. The recent re-hash of a story that happened last April in California is case in point of hype as well as a real cause celebre being propagated by the former head of FERC Jon Wellinghoff. Speaking on NPR and other news outlets he makes it clear that not only can a branch cause a blackout like the one in 2003 that took out the east coast so too can an attack like this at strategic points in the country. While Mr. Wellinghoff is absolutely correct here the news is making this more of a terrorist scenario than the FBI is willing to label it for website hits but perhaps that is what is needed to effect change here. Wellinghoff is in earnest talking about how FERC and the government have done nothing substantive to build in redundancy to protect the grid from such physical attacks as well as accidents such as the aforementioned tree limb in 2003. So really, can you blame someone like Wellinghoff using the media to point out these issues and perhaps get them really addressed instead of spending millions and millions on alleged cyber vulnerabilities?

After the attack in San Jose, Wellinghoff says, he went to the scene with a team of Defense Department specialists who train special forces personnel. They found evidence of pre-planning — including piles of stones to apparently mark locations from which to shoot. The specialists also told Wellinghoff it’s their opinion that a lookout monitored police radio traffic — and raised an alert as officers came near. Otherwise, Wellinghoff says, shots might have taken out three more transformers and power to Silicon Valley might have been threatened.

What stands out here though and what the FBI is not calling terrorism, even claiming that perhaps it was domestic terrorism or even testing and planning is that the attackers in California were motivated and rather methodical about their attack. As is noted by Wellinghoff after visiting the scene with some commandos who assessed the attack. So we have a set of attackers who planned their operation by casing the power station and seemingly had knowledge of what to hit in order to cause a systems failure for that area. Such information could be gathered from Google maps as well as going on site as it is also the same for any information on power station plans and manuals as I have written about before on here. Does this though say to us all that it was a probative attempt at a larger plot to attack the power grid by some terrorist group? Or does this say that there may in fact be a group of kids who decided to live out their dream of a commando raid black op outside of their Xbox? No one can really say definitively and only speculation thus far has been spun in the news cycle but nevertheless the truth of the matter is that power stations on average are vulnerable to physical attacks.

Cause and Effect From Physical Attacks to Infrastructure:

Another truth is that there is an obvious cause and effect if one were to attack the right areas of the grid. As we saw from the great blackout in 2003 if you overflow or underflow the system it can have a domino effect depending on the time of the day, year, and weather conditions at the time. If you were going to attack the grid there are about 5-6 places I can think of that you would want to attack simultaneously to cause a cascade effect that would effect a large swath of the country potentially. These attacks could be like the one in California but most likely would be something along the lines of explosives or even crashing something into the stations to cause the dominoes to start to fall. One would have to have a good working knowledge of how the system works overall and how the interlinks work across the country to do this as well as it would have to be a concerted effort with more than a few people. Still though, to what end would this all be done? So the power goes out and perhaps everyone will know it’s from an attack of some kind but really, then what? This attack scenarios to me would only be carried out by a nation state to really be of any real use and that would have to be in tandem with an invasion force on the continental US. So for terrorism’s sake would it really be worth it? This is not to say that some actors just might to it to “watch the world burn” as it were so it is not inconceivable that someone could pull it off on small scale like in California.

Another not really discussed possible effect from such attacks might be losses in the markets both in the general markets as well as directed losses for the power companies. Such attacks would cause prices to fluctuate as well as instill fear that the companies cannot protect their systems. This too would also put doubt into the picture concerning the national infrastructure’s overall security and any and all regulation thereof. So an attack would not only leave us in the dark but could be used as a financial weapon as well. The cascade failures would also place the power companies at a loss for having to re-tool their systems and upgrade the infrastructure as a whole which then would also have financial effects on the end users by way of fee increases. It is a web of more than just physical lines, heat, and power isn’t it? There are many scenarios here that we could cover on this but let’s just leave it at the idea that a physical attack is quite possible as well as one that could be carried off to darken a great swath of the nation. However, who would do so and what else would they be up to after they did so? What is the aegis here as well as what is the bigger picture?


This story has been burning up the wires for a day or so now and people are all asking why now? Well, the why is because of Mr. Wellinghoff, he has been pimping this story along with the Wall Street Journal and rightly so if we are to face facts that these stations are poorly protected. However, I would like to point out some things here that one should consider concerning this story;

  • The attack in California was carried out by individuals who had some SECOPS knowledge in that they had cut the lines to prevent automated alerts but anyone with sufficient will could do this even teens
  • The California attackers also planned out where to shoot from with regard to their weapons (AK47’s it seems) and at 60 yards they are not “snipers” nor are AK47’s considered sniper rifles. Had these attackers had Barret’s or some other .50 cal with depleted uranium that’d be a different story altogether
  • The FBI is saying this was not terrorism so what was it?
  • Could it be possible that someone could be making the point by action to get someone like Mr. Wellinghoff ammunition to make a case for securing these systems over spending all the money on cyber attacks? He says outright in his NPR interview that he believes the cyber attack scenario is much less a possibility or a threat than an actual physical attack.
  • For all we know this caper was pulled off to black out a local jewelry store for an epic heist and not actually as some pre-cursor to an all out attack on the USA.

While I think this core story is much ado about nothing the point being made by Mr. Wellinghoff is absolutely valid. Will changes be made to protect these systems? Will new walls be put up and more security laid on to prevent such attacks in the future? Well, let me point you back to Mr. Wellinghoff’s point on what happened post the 2003 incident in the Northeast. Ferc was not mandated to make any redundancy changes or upgrades by law by the Congress. So there you have it. Unless something really serious happens nothing will change so do go to sleep at night in the warm blanket of governmental ineptitude. Maybe, just maybe the lights will still be on in the morning.



Written by Krypt3ia

2014/02/07 at 20:45

Posted in .gov, Terrorism, The Grid