Contributed by Kurt Takahashi, CEO, Netwatch
The recent uptick in security-related incidents targeting U.S. electrical substations and utilities has set off alarm bells. With a 71% increase in incidents over the past year, experts predict that this worrying trajectory will continue into 2023 and beyond. More than mere numbers, these incidents pose a direct threat to citizens, neighborhoods, vital industries, and the national economy.
The complexity of escalating security concerns
The increasing number of attacks on utilities poses a multifaceted challenge for city administrations, both public and private entities, and local communities. According to the Electricity Information Sharing and Analysis Center (E-ISAC), various forms of attacks such as gunfire damage, equipment sabotage, security breaches, and vandalism are on the rise. These incidents have occurred in clusters, impacting numerous regions across the country.
During a technical conference convened by the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corp. (NERC), Eric Rollison, assistant director of the U.S. Energy Department’s Office of Cybersecurity, emphasized the “heightened threat environment” surrounding the industry.
Additionally, a NERC report noted a marked increase in physical security incidents since 2020, with significant outages reported in substations in North Carolina, Washington state, and California. Varied motivations, from economic theft to ideological extremism, add layers of complexity to this issue, complicating the work of law enforcement agencies, local governments, and the energy sector.
The indispensable function of electrical substations
Electrical substations and public utilities are critical to modern society, providing power to residences, offices, healthcare systems, and various modes of transportation. A single attack on these vital nodes can lead to a domino effect of disruptions, affecting daily life on a massive scale. For example, a major power outage in a North Carolina county in December 2022 left 35,430 utility customers without power, a crisis exacerbated by evidence of deliberate tampering at two key electrical substations.
The financial ramifications of these security lapses can also be debilitating. From immediate costs of repair and restoration to longer-term consequences such as revenue losses and operational downtime, the impact is extensive. Following an incident, utilities may experience surging insurance premiums, face legal liabilities, and even suffer reputational damage. They may also encounter regulatory hurdles, which could entail penalties and the need for corrective measures to preempt future occurrences.
The inadequacy of conventional security measures
Protecting the sprawling U.S. electrical grid — comprising more than 55,000 substations and extensive transmission lines — is no small feat. While traditional security approaches like fences, video surveillance, security by environmental design, and adequate lighting have provided some level of deterrence, they fall short against the evolving nature of threats.
Traditional solutions, such as video surveillance, often also serve a more reactive role, aiding in post-event investigations rather than actively thwarting incidents. Similarly, physical barricades like fences are easily bypassed by determined perpetrators, highlighting the limitations of relying solely on traditional security measures.
Modern strategies for robust protection
Among emerging solutions, proactive strategies and technologies show promise. Software-as-a-service (SaaS) offerings are emerging that deliver the capabilities utilities need to get ahead of risks and stop theft and crime before damage occurs. For example, remote video monitoring combines real-time video surveillance with the immediacy of operator intervention. This proactive approach empowers trained operators to intervene immediately, delivering a live, customized voice down to deter criminal behavior. Rather than just recording incidents for later review, utilities can use existing camera technology combined with video analytics to identify and counter threats in real-time.
The future of security solutions for the utility sector is centered around integrated artificial intelligence technology. AI is powerful as it can enable a once-passive system to automatically identify unauthorized movements or actions. Then a remote operator immediately intervenes and delivers a personalized message. An example is, “You in the yellow shirt with the black hat.” This action informs the intruder that they’ve been identified and if they don’t leave, authorities will be dispatched to the site.
In cases where the intruder remains unresponsive, specialists promptly contact local law enforcement and other relevant parties to ensure a rapid and effective response. This type of solution is particularly beneficial for providing security to remote utility sites, where traditional security approaches fall short.
Pathways to a secure energy future
While the current threat landscape is challenging, it’s not without remedy. Through innovative technologies and collaborative efforts like public-private partnerships, a secure and resilient energy landscape is achievable. Advanced technology and services offer immediate intervention capabilities, something not feasible with traditional security methods.
The urgency for innovative, adaptive security strategies has never been greater. Through investments in technologies and protective processes, and a dedicated commitment to enhancing security measures, the industry can turn this sizable challenge into a stepping-stone for stable, long-term growth. The clock is ticking, the risks are substantial, but a fortified and resilient energy future is attainable.
