Beyond reliability: Texas power grid faces security issues
While much of the focus on threats to the power grid centers around its ability to generate electricity, lawmakers are also concerned about sabotage. Citing threats from artificial intelligence and other technological advances, Sen. Bob Hall, R-Edgewood, wants the state to create a security commission to asses and mitigate potential threats to the grid.
Hall, a retired Air Force captain, has been an active proponent of grid security and resilience for several years.
He's introduced Senate Bill 75, which has bipartisan support in its call for the creation of the Texas Grid Security Commission. The bill was passed by the Senate but died in the House during the last session. The proposed commission would assess an array of potential hazards to the power grid and recommend measures to utilities to eliminate the risks.
Electromagnetic pulses, geomagnetic disturbances, cybersecurity attacks and physical terrorist attacks are some of the striking risks listed in SB 75.
EMP's and GMD's
An EMP is a wave of electromagnetic energy produced by either natural causes or weapons. They are “considered capable of widespread damage to power lines, telecommunications, and electronic equipment,” according to the U.S. Department of Homeland Security.
This is a cell tower in Upper Saint Clair, Pa., on Friday, April 2, 2021. (AP Photo/Gene J. Puskar)
This is a cell tower in Upper Saint Clair, Pa., on Friday, April 2, 2021. (AP Photo/Gene J. Puskar)
"A large-scale EMP event could cripple power grids, telecommunications, and financial systems, creating widespread chaos and hindering the response to other emergencies."
Geomagnetic disturbances, on the other hand, are “disturbances of the Earth's magnetosphere caused by a solar wind shock wave and/or cloud of magnetic field that interacts with the Earth's magnetic field.”
This photo provided by NASA, taken by the Solar Dynamics Observatory, shows a solar flare, the bright flash in the center of the image on Oct. 3, 2024. (Solar Dynamics Observatory/NASA via AP, file)
This photo provided by NASA, taken by the Solar Dynamics Observatory, shows a solar flare, the bright flash in the center of the image on Oct. 3, 2024. (Solar Dynamics Observatory/NASA via AP, file)
The immediate effects of either disturbances can be crippling and require a prolonged recovery that could cost billions. Sen. Hall said, “it is vital that all sectors and industries prepare for EMP events, as the consequences would be far and long-reaching, especially in an increasingly digitized world.”
The cost for EMP protections would fall on customers of utilities, “$0.80 per month on consumer bills,” Lane said.
Cyber threats
While hacking the power grid is difficult, it is not impossible. All it takes for state adversaries to gain initial access into utility business networks, for example, is through spearphishing emails.
Data from U.S. Dept. of Energy (Zahra Ahmad)
Data from U.S. Dept. of Energy (Zahra Ahmad)
Former FBI Director Chris Wray testified before the House Select Committee in January 2024 that the United States has been a target of “China’s hackers” and that there has been “far too little public focus” on threats that “affect all Americans.”
Rapidly digitizing industries with inadequate investments to upgrade equipment and a lack of regulatory oversight from the government in cybersecurity, means the U.S. power grid “is as vulnerable—if not more vulnerable—to a cyberattack as systems in other parts of the world,” according to the Council on Foreign Relations.
Physical threats
Physical threats, arguably the easiest and least sophisticated type of attack to carry out, pose a sizable threat to the grid. In 2014, unknown parties shot at and damaged a transformer at the Metcalf Road Pacific Gas and Electric (PG&E) substation in San Jose, California, then used hand tools to sever nearby fiber optic cables, disrupting local communications, including 911 services.
The unidentified perpetrators demonstrated knowledge of the equipment and targeted the facility in a way that prevented fires and explosions. In the bill, one hazard is “insider threats caused by compromised or hostile personnel working within government or the utility industry.” It is not clear in the bill how this type of hazard is to be measured or foreseen by the proposed commission.
Surveillance video from the PG&E substation on Metcalf Road. The video shows bullets hitting the fence causing sparks. The sparks can bee seen at minutes: 1:54, 2:07, 2:10, 2:57 and 3:01. Source: Santa Clara County Sheriff's Office
The proposed commission would be required to present a situation report to the legislature annually on Jan. 1. Although the bill did not clearly outline exactly how the commission would implement its recommendations, Lane said it would start by requiring utilities “to bring their critical facilities into compliance by meeting the standards established by the Grid Security Commission. This naturally would take some time, and considerations for the supply chain would be part of the implementation process.”
A 2016 report by the Department of Energy emphasizes that for real, sustainable improvement of the grid to occur, “utilities must demonstrate commitment to cyber security beyond business risk practices by continuously evaluating and implementing practical measures.”
Built with Shorthand
