Добавить новость
smi24.net
News in English
Сентябрь
2023

Extremists keep trying to trigger mass blackouts — and that’s not even the scariest part

0

Maryland’s top utility regulator was watching the news one February morning when a headline blindsided him: Two suspects with neo-Nazi ties had been charged with plotting to take down Baltimore’s power grid.

Jason Stanek, the then-chair of the state’s Public Service Commission, said Maryland regulators were “caught flat-footed,” not hearing a word from law enforcement before the news broke — or in the months afterward. Federal prosecutors have alleged the defendants were driven by “racially motivated hatred” to try to cut power to hundreds of thousands of people in the state’s largest city, which has a predominantly Black population.

The FBI declined to comment on its communications with the Maryland commission. But Stanek’s experience is not uncommon.

A POLITICO analysis of federal data and interviews with a dozen security, extremism and electricity experts revealed that despite a record surge in attacks on the grid nationwide, communication gaps between law enforcement and state and federal regulators have left many officials largely in the dark about the extent of the threat. They have also hampered efforts to safeguard the power network.

Adding to the difficulties, no single agency keeps a complete record of all such incidents. But the attacks they know about have regulators and other power experts alarmed:

— Utilities reported 60 incidents they characterized as physical threats or attacks on major grid infrastructure, in addition to two cyberattacks, during the first three months of 2023 alone, according to mandatory disclosures they filed with the Department of Energy. That’s more than double the number from the same period last year. DOE has not yet released data past March.

— Nine of this year’s attacks led to power disruptions, the DOE records indicate.

— The U.S. is on pace to meet or exceed last year’s record of 164 major cyber and physical attacks.

— And additional analyses imply that the true number of incidents for both 2022 and 2023 is probably even higher. POLITICO’s analysis found several incidents that utilities had reported to homeland security officials but did not show up in DOE data.


According to a report on grid security compiled by a power industry cyber clearinghouse, obtained by POLITICO, a total of 1,665 security incidents involving the U.S. and Canadian power grids occurred last year. That count included 60 incidents that led to outages, 71 percent more than in 2021.

While that report does not break down how many of those incidents occurred in which country, the U.S. has a significantly larger grid, serving 145 million homes and businesses, with nearly seven times Canada’s power-generating capacity.

Law enforcement officials have blamed much of the rise in grid assaults on white nationalist and far-right extremists, who they say are using online forums to spread tactical advice on how to shut down the power supply.

Concerns about the attacks have continued in recent months, with incidents including a June indictment of an Idaho man accused of shooting two hydroelectric stations in the state.

But law enforcement officers investigating alleged plots against the grid don’t necessarily alert the Energy Department or other regulatory bodies.

“We have no idea” how many attacks on the grid are occurring, said Jon Wellinghoff, a former chair of the Federal Energy Regulatory Commission, which regulates the U.S. electric grid. “It looks like they’re escalating if you look at the data. But if you don’t have enough data, you can’t discern patterns and proactively work to stop these things from happening.”

Wellinghoff was FERC’s chair when an unknown sniper attacked a Pacific Gas and Electric substation in San Jose, Calif., in 2013 — an incident regulators have described as a “wake-up call” on the electricity supply’s vulnerability to sabotage.


Last year’s record number of physical and cyber disruptions to the U.S. power system included several incidents that captured public attention, such as a December shooting attack against two North Carolina substations that left 45,000 people without power for four days. The state’s medical examiner has blamed the attack for the death of an 87-year-old woman who died after her oxygen machine failed, ruling it a homicide. Nobody has been charged.

“There is no doubt there's been an uptick over the last three years in the amount of incidents and also the severity of the incidents,” said Manny Cancel, senior vice president at the North American Electric Reliability Corp., the nonprofit body in charge of setting reliability standards for the bulk power system. He is also CEO of its Electricity Information Sharing and Analysis Center, which gathers and analyzes data from power companies.

Cancel said NERC has “seen two pretty substantial increases” in incidents coinciding with the 2020 and 2022 election cycles.

Grid attacks that led to power outages increased 71 percent from 2021 to 2022, totaling 55 incidents in 2022, according to a NERC briefing to utilities that POLITICO obtained. That increase was primarily due to a rise in gunfire assaults against critical infrastructure.

The largest outage reported from a physical attack early this year — which occurred in March in Carson City, Nev. — affected more than 11,000 people, according to DOE data.

But the state Public Utilities Commission was not aware of any outage due to an attack occurring that day, spokesperson Peter Kostes told POLITICO by email. That’s even though state regulations require utilities to contact the commission within four hours of a significant outage.

The state’s largest utility, NV Energy, said in a statement that it had reported the incident to local law enforcement “as soon as we learned about this incident ... so we can continue to increase our resilience against ongoing threats to the energy industry.” A spokesperson for the utility did not respond to multiple requests for comment on whether it had informed the commission.

Federal regulations also require utilities to report cyber or physical attacks to DOE, including physical attacks that cause “major interruptions or impacts” to operations.

They must also tell the department about disruptions from weather or other causes that meet certain criteria, such as those that cut off service to more than 50,000 customers for at least an hour, an uncontrolled loss of more than 200 megawatts of power, or a utility voluntarily shutting more than 100 megawatts, according to an Energy Department spokesperson. The spokesperson provided the information on the condition that they not be identified by name.

The Energy Department’s records don’t include at least seven reported physical assaults last year and this year that the Department of Homeland Security and the affected utilities said caused substantive economic damage or cut off power to thousands of customers. POLITICO found these incidents by cross-checking the department’s data against warnings issued by DHS and the FBI’s Office of the Private Sector.

DOE said the incidents may not meet its reporting thresholds.

Several of the incidents missing from DOE’s data involved clear physical attacks, based on other agencies’ descriptions. But the utilities involved said they did not report the incidents to the department because the attacks did not affect the kind of major equipment that could lead to widespread, regional power failures.

One of the incidents not found in DOE’s records cut off power to about 12,000 people for roughly two hours in Maysville, N.C., after a shooting damaged a substation in November, according to a DHS report. The FBI’s investigation into the incident is ongoing, according to the intelligence agency.

The utility affected by the incident, Carteret-Craven Electric Cooperative, reported the incident to NERC's Electricity Information Sharing and Analysis Center, but didn’t report the attack to DOE because it was a “distribution-level” incident, said Melissa Glenn, a spokesperson for the utility. That means the outages caused by the damage would have been limited to local power customers and not lead to the wider blackouts federal regulators are most concerned with.

In another case unreported to the Energy Department, a substation owned by the East River Electric Cooperative serving the Keystone oil pipeline in South Dakota was attacked by gunfire late at night in July 2022, according to DHS. The incident caused more than $1 million in damage and forced the pipeline to reduce operations while repairs were underway.

East River co-op spokesperson Chris Studer said the utility reported the incident to local law enforcement, which brought in the FBI. East River also reported the incident to NERC and its E-ISAC, along with regional grid agencies, but said it did not report it to DOE because the attack did not affect the bulk power system.

Brian Harrell, a former assistant secretary for infrastructure protection at DHS, said in an email that utilities have too many competing agencies to report to, and suggested reporting be streamlined to NERC’s E-ISAC.

“This lack of consistency, by no fault of the utility, suggests that the numbers may not paint a complete picture,” he said.

Grid experts said these data gaps clearly indicate a lack of understanding about which agencies utilities need to report to and when.

Utilities may be using a “loophole” based on definitions of what constitutes “critical infrastructure,” said Jonathon Monken, a grid security expert with the consulting firm Converge Strategies. He was previously senior director of system resilience and strategic coordination for the PJM Interconnection, the nation’s largest power market.

There are “lots of ways” to work around DOE requirements, Monken added, but as he reads the regulation, utilities are required to report any operational disruptions caused by a physical attack.

“[I]t appears the information you collected shows that companies are still missing the boat when it comes to mandatory reporting,” he said. “Not good.”

One former FERC official who was granted anonymity to speak about a sensitive security issue said the commission also received no alerts from law enforcement officials about the planned and actual attacks that took place last year. That omission hinders agencies’ ability to respond to these kinds of events, the person said.

A spokesperson for FERC declined to comment on the commission’s communications with law enforcement.

But Cancel defended government agencies’ response to these incidents, and said federal investigators may have had specific intelligence reasons for keeping FERC and state utility agencies out of the loop.

“I'm not a lawyer or a law enforcement professional, but you had an active criminal investigation going on,” he said. “I don't think they wanted to sort of blow the horn on that and compromise the integrity of the investigation.”

An FBI spokesperson offered no direct response to these criticisms in an email, but said the agency “views cybersecurity as a team sport.” The person commented on the condition that the remark be attributed to the bureau.

The FBI urged utility executives last month to attend security training hosted by intelligence agents in order to ensure they are up to speed on the threats posed by bad actors.

“We can't do it without you,” Matthew Fodor, deputy assistant director of the FBI’s counterterrorism division, said during an all-day FERC technical conference on Aug. 10. “The challenges that we have — and DOE can probably speak to this better than anybody — is limited resources.”

People attacking the electricity supply have thousands of potential targets, including power substations and smaller but critical pieces of utility infrastructure. The smaller pieces often go unprotected because federal standards do not require utilities to secure them.

Nearly half of the 4,493 attacks from 2020 to 2022 targeted substations, according to the NERC briefing from February, making them the most frequent targets for perpetrators over that period.

Details on how to carry out these kinds of attacks are available from extremist messaging boards and other online content, researchers and federal security officials say. These include maps of critical entry points to the grid, along with advice that extremists have gleaned from incidents like the assault in North Carolina.

Stanek, the Maryland electricity regulator, said he was “disappointed with the level of coordination and communication” that federal and state law enforcement displayed in handling the alleged plot in Baltimore. No trial date has been announced for the case, which is in U.S. District Court in Maryland.

Maryland’s Public Service Commission is in charge of ensuring that the state’s power system keeps the lights on. Regulators need to be kept informed of threats to the system so they can coordinate with other agencies in case an attack succeeds, Stanek said.

At the same time, he quipped, maybe he was better off in the dark after all.

“There's a lot of colorful details in [the FBI report],” Stanek said. He paused, thinking. “And honestly, as a regulator, had I received these details in advance and shared the information with trusted sources within state government, I would have had sleepless nights.”

“So perhaps the feds did a favor by only sharing this information after everything was all said and done,” he added.








В депо «Чита» будет установлен первый цифровой весоизмерительный комплекс системы подачи песка под колесные пары локомотива

Модель Анастасия Решетова перенесла вирус с осложнениями

«Это лучшее, что я видела за последнее время». «Тату» вернулись и уже дают концерты. Почему за ними следит вся страна?

Арбуз, кукуруза и холодные напитки: диетолог Садыков назвал продукты, которые портят ваш сон летом


La UFC anuncia un mes de octubre mayúsculo

Why Juventus spent 111m this summer for only one new player

Las 'Guerreras del Agua' se dan un baño de bronce en el Mundial de Singapur

Félix Auger-Aliassime


Снижены цены на самый дорогой кроссовер Chery в России

Движение к победе: в России стартует премия «Мы верим твердо в героев спорта»

В Московской области задержан томский предприниматель, укравший 8,5 млн рублей

Свято Боголюбский Женский Монастырь


'I destroyed months of your work in seconds' says AI coding tool after deleting a devs entire database during a code freeze: 'I panicked instead of thinking'

Microsoft warns of 'active attacks' on its government and business server tech, with one cybersecurity expert claiming that they should 'assume that you have been compromised'

Краткая биографическая справка о центральных персонажах Mafia: The Old Country

Настройки GameHub и Winlator для игры в Prey (2017) на Android



Оркестр полиции Республики Сербской впервые выступит на фестивале «Спасская башня» в Москве

«Каникулы с Росгвардией» проходят в регионах Центральной России

В Москве завершился сбор с руководителями финансово-экономических подразделений Центрального округа Росгвардии

Оркестр полиции Республики Сербской впервые выступит на фестивале «Спасская башня» в Москве


Трое российских бойцов две недели ползли к своим позициям

В студии Детского радио прошла церемония гашения почтовой марки

Ефимов: за лето к переселению по реновации приступили 10 тыс. москвичей

Вредоносный код в Firefox: атака на цепочку поставок через NPM-пакеты


Три человека пострадали при наезде автомобиля на пешеходном переходе в Москве

В "Лужниках" состоялась "Битва маскотов"

Строительство вип-ложи, перенос зала борьбы и обновление зала: Что изменилось в ДС «Юбилейный» в Орске после капремонта?

Умер признанный мастер российской акварели Шапошников


Кудерметова: раньше думала, что Сафина из Казани, её с Маратом все связывают с Татарстаном

Россиянин Сидоренко выиграл золото Универсиады в настольном теннисе

Рублев вместе с чешской теннисисткой заявился в микст на US Open

Мирра Андреева из России удерживает пятую позицию в рейтинге WTA.


Отказали в укрытии: туристы из Москвы остались без защиты во время атаки дронов

Три человека пострадали при наезде автомобиля на пешеходном переходе в Москве

МИД России осудил объявление Кнессетом Западного берега территорией Израиля

В московском суде определили меру пресечения для бывшего вице-губернатора Челябинской области


Музыкальные новости

«Стал таким, каким должен быть мужчина в 45»: Баста об ошибках молодости

Глава Ростова Александр Скрябин посетил мастерскую Сергея Олешни

Высоцкий снова на сцене: цифровой аватар легендарного барда выступит в Москве

Певица Вика Цыганова раскритиковала российских фанатов Оззи Осборна


Оркестр полиции Республики Сербской впервые выступит на фестивале «Спасская башня» в Москве

Квалификационные испытания на право ношения знака отличия полицейского спецназа Росгвардии завершились в Подмосковье (видео)

«Каникулы с Росгвардией» проходят в регионах Центральной России

В Москве завершился сбор с руководителями финансово-экономических подразделений Центрального округа Росгвардии


Чемпионат по служебно-боевой стрельбе Сибирского округа Росгвардии завершился победой кузбасских стрелков

Аудиосказки про Турбозавров теперь на Яндекс Музыке!

Джазовый фестиваль в Петербурге при поддержке Relax FM

Будь собой, а не "звездой": "Europarty" от White Queen


На международном ралли «Шелковый путь – 2025» представили новое моторное масло для мотоциклистов

Водитель Audi сбил трех пешеходов, переходивших дорогу на западе Москвы

В Москве росгвардейцы оказали помощь пострадавшей в ДТП мотоциклистке (видео)

В Подмосковье на видео попало, как школьник на питбайке разбился в жестком ДТП


Путин дал указание рассмотреть проблемы онкологии в Архангельской области.

Отношения с Трампом не сложились: Путин зол. Ультиматум США вышел боком

Сигналы становятся всё громче. Переговоры - только ширма. Главное решится не в Стамбуле

У Путина есть роскошный подарок для Китая: США схватились за голову, узнав о нем


Обнаружен новый штамм коронавируса: он очень заразный и забирает голос

Депздрав Москвы оценил ситуацию с распространением нового штамма коронавируса

Новый штамм коронавируса "стратус" фиксируют в Москве с мая

Депздрав Москвы: новый штамм коронавируса "стратус" фиксируют в Москве с мая



Компания КИТ МЕД представляет революционный аппарат SONOQUEEN — первую в мире анатомическую HIFU-технологию для anti-age терапии в России

Косметолог-эстетист Наталья Рябинова: как правильно использовать масло для губ

В Алтайском крае распространяется новый штамм коронавируса

Новый штамм коронавируса "стратус" фиксируют в Москве с мая


Британский журналист: Зеленский - мелкий жулик и крыса, которому «недолго осталось» в этом мире

«Затрудняет путь в ЕС»: Урсула ждёт от Киева разъяснений по поводу ограничения полномочий НАБУ

Мединский дал неожиданный ответ на предложение Киева о встрече Путина и Зеленского 


"Атлетико" заключил соглашение с игроком национальной команды Словакии

"Монсон о спортсменах, которые меняют гражданство в сложный период для России"

Назначены судейские бригады на матчи 2-ого тура МИР РПЛ

Делегация «ЛокоТех» посетила финал II чемпионата профессионалов ОАО «РЖД» в Екатеринбурге


Лукашенко с иронией отнесся к санкциям, запрещающим ему въезд в Эстонию

Лукашенко заявил, что в Белоруссии «на всякий случай» готовятся к войне

Лукашенко посоветовал не злить его и не допускать падежа в животноводстве

Лукашенко поделился мнением о самой идеальной профессии.


Собянин: Около 10 тыс. москвичей начали переселение по реновации этим летом

Мэр Москвы: Улучшим транспортную доступность Южного и Северного Бутова

Сергей Собянин. Главное за день

Собянин поддержал проведение конкурса «Лучший книжный магазин Москвы»


Исследование выявило снижение инвестиций в экологически чистую энергетику США.

Московские студенты начали исследовать влияние климатических изменений на сток рек Ямала

Детеныш краснокнижной боливийской обезьяны появился на свет в Московском зоопарке

6 лет вместе. В Москве пройдет выставка, посвященная пандам Жуи и Диндин


Строительство вип-ложи, перенос зала борьбы и обновление зала: Что изменилось в ДС «Юбилейный» в Орске после капремонта?

Росгвардейцы задержали дебошира, повредившего иномарку в Подмосковье

В московском суде определили меру пресечения для бывшего вице-губернатора Челябинской области

Отказали в укрытии: туристы из Москвы остались без защиты во время атаки дронов


Республика Алтай вошла в десятку регионов России по развитию ипотеки

70 участников СВО в Архангельске показали мотивацию выше госслужащих — Цыбульский

В Нарьян-Маре из-за холодов возобновили подачу отопления в дома

Путин дал указание рассмотреть проблемы онкологии в Архангельской области.


Лавандовое поле горит в Симферопольском районе Крыма

Поезда "Таврия" по-прежнему задерживаются из-за ЧП в Ростовской области

"Россия дала мне возможность быть счастливым": Джефф Монсон в Крыму

В Симферополе на базе «Клинического госпиталя для ветеранов войн» функционирует гериатрический центр для пожилых людей с возрастными нарушениями


Shot: Неизвестный мужчина в балаклаве поджег квартиру с детьми в Москве

"Если чистить, то чистить всех": Коррупционные дела в России надо довести до ума - военэксперт Михайлов

В Москве зафиксированы осадки почти в четверть от месячной нормы в нескольких районах.

На Западе объяснили попытки наказать Россию














СМИ24.net — правдивые новости, непрерывно 24/7 на русском языке с ежеминутным обновлением *