FTI Journal
FTI Journal | Critical Thinking at the Critical Time
 

Quiz: How Vulnerable is the Power Grid to Cyber Attack?

cyber security hacker

Most Americans are familiar with the high profile hacking incidents of recent years—the public exposure of Sony Pictures’ private email, for instance, or the theft of credit card information belonging to 56 million Home Depot customers. But the damage from those breaches may pale in comparison to what cybersecurity experts believe is sure to come: a penetrating attack on the power grid.

Hacking into the industrial control systems of our electric infrastructure presents a huge national security risk. Disrupting or sabotaging our power supply would have catastrophic consequences for public safety and health. Yet the electric utility industry remains shockingly ill-prepared to combat the threat even as it insists it has taken adequate precautions. What's holding it back? Three things:

  • A disconnect within individual companies among risk managers, IT, engineering and operations.
  • The inability to keep pace with a sophisticated hacking culture.
  • The industry's stance that it is already doing enough to comply with cybersecurity standards.

The 2013 hack into the controls of a small hydro-electric dam in Rye Brook, NY, by a rogue Iranian group should be a wake up call. So too should be the 2015 Ukrainian power utility attack, widely attributed to Russia. Both incidents demonstrated the capabilities of hostile adversaries and the tacit warning that similar damage can be done—perhaps at will—to U.S. utilities. These intrusions, plus 750 more identified and catalogued by Industrial Control System (ICS) cybersecurity experts, punctuate the need to move faster in light of the rapid changes to our digital world. With about 6.4 billion devices and control systems connected through the Internet of Things, and nearly 21 billion expected by 2020, the number of entry points of attack is multiplying daily.

Minimizing the risk is not just about training a network IT team. It’s about running a comprehensive and continuous scan of operational technology (OT)—the programmable logic controllers, the mobile devices, the supervisory control and data acquisition systems (SCADA), etc.—and then coordinating OT and IT teams with risk officers and crisis management experts to form a cohesive front capable of responding to an industrial cyber incident.

The idea that minimizing risk can be accomplished through IT alone as if it’s a corporate website is a misconception. See if you can identify other misconceptions about the industry with our true or false quiz.

 

Published July 2016

© Copyright 2016. The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates, or its other professionals.

About The Authors


Scott Corzine
scott.corzine@fticonsulting.com
Managing Director
Forensic & Litgation Consulting
FTI Consulting

Ellen Smith
ellen.smith@fticonsulting.com
Senior Managing Director
Economic Consulting
Energy & Utilities
FTI Consulting

Share This

Related Articles

Latest Articles

  • Amazon Business: A Giant Awakens
    Amazon Business: A Giant Awakens
    The e-commerce juggernaut’s $10 billion B2B segment has been flying under the radar since it launched four years ago. Here’s what suppliers need to know right now.
  • 9 Key Sectors Ripe for Reform in the “New” Brazil
    9 Key Sectors Ripe for Reform in the “New” Brazil
    Brazil’s new president Jair Bolsonaro promised major market reforms to re-energize the world’s 8th largest economy and attract more foreign investment. As he nears the 100-day mark, here’s where the country stands.
  • Cutting Through the Rhetoric: What Voters Really Want When It Comes to Healthcare
    Cutting Through the Rhetoric: What Voters Really Want When It Comes to Healthcare
    In the ongoing debate over healthcare costs and coverage, “Medicare for All” is a hot topic within the Democratic Party — and potentially a litmus test for candidates in Democratic primaries. But dive into policy specifics and voters start backing away. FTI Consulting polled American voters to find out what they really want.

Related Articles

Latest Articles

  • Amazon Business: A Giant Awakens
    Amazon Business: A Giant Awakens
    The e-commerce juggernaut’s $10 billion B2B segment has been flying under the radar since it launched four years ago. Here’s what suppliers need to know right now.
  • 9 Key Sectors Ripe for Reform in the “New” Brazil
    9 Key Sectors Ripe for Reform in the “New” Brazil
    Brazil’s new president Jair Bolsonaro promised major market reforms to re-energize the world’s 8th largest economy and attract more foreign investment. As he nears the 100-day mark, here’s where the country stands.
  • Cutting Through the Rhetoric: What Voters Really Want When It Comes to Healthcare
    Cutting Through the Rhetoric: What Voters Really Want When It Comes to Healthcare
    In the ongoing debate over healthcare costs and coverage, “Medicare for All” is a hot topic within the Democratic Party — and potentially a litmus test for candidates in Democratic primaries. But dive into policy specifics and voters start backing away. FTI Consulting polled American voters to find out what they really want.
It looks like you're enjoying this article. If you'd like to receive email updates from the FTI Journal, please consider subscribing.
The views expressed in this article(s) are those of the author and not necessarily those of FTI Consulting, Inc., or its professionals.
©Copyright, FTI Consulting, Inc., 2012. All rights reserved.

http://ftijournal.com/article/quiz-power-grid-cyber-attack