Cyber-Sabotage, Wildfires, Weather—A Web Of Threats To The Power Supply Could Leave Californians In The Dark
February 5, 2019 1:40 p.m.
Related Story: Cyber-Sabotage, Wildfires, Weather—A Web Of Threats To The Power Supply Could Leave Californians In The Dark
Kaye PBS is supported by the law firm of Mintz working with startups and growing companies. Mintz legal services can help clients raise capital secure space and protect intellectual property to achieve strategic goals. Moore admits dot.com Mintz built on excellence driven by change.
Most San Diego inns take it for granted that when we flip the switch the lights turn on. But in addition to the threat of wildfire and other natural disasters California's power supply is under constant attack by cyber criminals. Environment Reporter Julie Cart writes about the threat hackers pose to California's power supply in a new series frayed wires it's all for the nonprofit journalism organization Cal matters and Julie Cart joins me now. Welcome Julie. Thanks so much Jay. Julie you write that energy grids are the new front in cyber terrorism.
How common are hack attempts and what's the goal of these hacks hack attempts are being made every moment of every day across the world not just with the power grid but an every part of our society because it's so easy to do. Five years ago the goal would have been ransomware. We're gonna get into your system and you have to pay us a certain amount to regain control of it or it would have been to get personal information about customers. It's really changing and the fear is that state actors or terrorists will call them want to sow havoc.
They want to disrupt civil society turn off the lights gain control of nuclear power stations. I mean the sort of nightmare scenarios but there are very real and the most sobering part is that that the idea is that attacking the power grid turning off all the lights telephones all that kind of thing is the first step to kind of soften everybody up and then there's a kind of a traditional attack. So it's pretty sobering.
And what is known about who might be behind the hack attempts and their capabilities.
There are known problems that have occurred. Russia has attacked the Ukraine system a couple of years ago. There have been attacks all through the Middle East. The authorities believe that that's been undertaken by Iran. North Korea took control of a South Korea Nuclear Power Station. Those are state actors obviously and then there are smaller groups that have this capability.
And one of the people you spoke to for your story is as DG any energy operations manager Zechariah Griffin. What did she tell you about hacking attempts on SD Japanese electricity grid.
Well as you can imagine Jay one of the aspects of talking about security is that no one wants to talk about it. They want to tell you that we're on it we're watching it and we're doing things but they don't want to give you details. So what the San Diego utility said is there are attempts to hack our system all the time every day. And we are aware of it and that they have systems in place. They're part of a big network across the country and in fact across North America that they run these kind of war games and tabletop simulations sharing information with first responders with security with federal agencies.
They're trying to keep ahead of it but it's constant constant vigilance on their part.
And why are the systems themselves so vulnerable to hacks.
It's because everything is connected. The Internet is the Internet of Things it's the internet of people lurking a lot of the way in is just through employees not being careful with their security that they would normally take safeguards that big companies have in place with the proper passwords and that kind of thing. They're vulnerable in the way that your house is your home computer is vulnerable your phone is wrong or both people hack electric cars. I mean it.
Anything that is connected and you know many San Diego ends will remember in 2011 the blackout that lasted roughly 12 hours. And you write about some of the impacts of a long power outage. You know I wonder how could California be impacted by a successful hack.
The possibilities are endless. So it's small things you don't have access to an A.T.M. sometimes some phone systems don't work. A lot of water is pumped and it's pumped electrically that doesn't work. You can't call the cops if you're afraid of something in your lights around and you think people are lurking. Cops can't call other cops they can't call the fire department so you have first responders not available kind of everything that we rely on in society that the fabric that keeps everything together is dependent on electricity. Except for folks and entities like hospitals and a lot of really critical infrastructure that have backups with generators but that only lasts so long.
So writ large across the state. That's not a scenario that anyone has has suggested that there's like a switch that that every light will go off in California.
But you'd hate to see that happen in downtown San Diego in rush hour and have any hacks or threats to the power grid succeeded in California ever.
Different entities have had incursions. One of the difficult aspects of cybersecurity as it regards the grid in particular is that you can insert little sleeper software that just sits there that doesn't do anything. So therefore it's not running around inside your system trying to find things are open doors and that sort of thing is metaphorical. Yet you've put all these systems in place. These hacks and they can be called upon when they're needed you know and it can be part of a broad based attack. So yes there have been some successful attacks or hacks.
They are limited. And all those entities feel like they've they've got that under control. But the problem is you don't know if if they solve that problem but something was left behind it's lurking kind of in the shadows.
Right. What are power companies doing to stop hackers from succeeding.
Well they will tell you they're spending a lot of money. They have. They report to the public utilities commission and the commission has a cybersecurity bureau as does the state as the federal government as well. So they tell the PUC here is what we're doing now that is not publicly available information considered proprietary but they have to satisfy that agency that they're taking the necessary steps operating safely and securely. Those issues are more at the forefront and I imagine that the tolerance for that sort of thing is going to get much much higher.
In other words the utilities are going to be required to show their work in a more fulsome way and really really do everything they can. I mean obviously it's in their in their best interest to be safe and secure as a business. So they're probably doing all that they can. It's just super expensive and it is a nonstop 24/7 kind of approach you have to take. And really what should readers take away from your reporting.
The intent of the series is to talk about something we don't really think about as you mentioned. You just flip a switch where does that power come from California is electrifying in a very very accelerated way. I mean the renewables that are coming online and what that means to the grid as far as assuredness of power how power companies are changing power demand is falling. All these companies are thinking what are we here for they're just micro grids. There's people who can. It's called Island ding you can get together in your neighborhood and say well let's put all of our rooftop solar together and to hell with the utility that we've been paying to.
So there's just so many changes on on the horizon that I wanted to you know one by one look at them and then look ahead. Most importantly what's the future. What can we expect and what can we do about it.
I've been speaking with Environment Reporter Julie Cart who's been writing about the threat hackers pose to California's power supply in a new series called frayed wires. Julie thanks so much for joining us. My pleasure Jane.