Security under scrutiny at nation’s power plants and the power grid

 

CHARLOTTE, N.C. – An investigation by USA Today found the nation’s power grid sustained 362 attacks between 2011 and 2014.

Example — In April 2013, someone fired more than 100 rounds at a substation transformer near San Jose, California. Six fiber optic cables were also cut in the assault that was unlike anything seen before.

“This event caused us and the entire industry to take a new and closer look at our critical facilities and what we can do to protect them, ” said Ken Wells from Pacific Gas and Electric, the company that operates that plant.

Locally in just the past few months, someone was able to penetrate security at two electrical substations: one in Gastonia and one in Clover, South Carolina.

In the Clover incident, power was knocked out for three hours.

Both break-ins involved the theft of copper, not terrorism, but they demonstrate the vulnerability of the power grid in local neighborhoods.

Duke Energy, in a statement, said they used a variety of security measures at company substations, “…including security lighting, motion sensors, and video with real time cameras.”

The company says it also works with community watch groups and clears trees and bushes around substations.

Concern is also growing over the potential for cyber-attacks like those that recently affected Sony and Home Depot.

The U.S. Department of Energy received 14 reports of cyber attacks over the past four years, but the number could actually be higher because the definition of a cyber attack can be ambiguous.

The FBI says the bottom line is that no business operation or home computer can ever really be cyber-secure.

Colleen Moss is the Supervisory Special Agent in Charge of the FBI Cyber Squad in Charlotte.

She said, “I don’t think anyone can walk around and say there is no way we could ever be taken advantage of through a cyber-network. It’s not possible.

Moss added, “If someone targets you or your business in particular, they are going to find a way to cause damage or get in.”

Nuclear power plants, big banks and other financial institutions take the extra step of insuring the company’s internal computer network has no connection to the outside internet.

The Nuclear Regulatory Commission says the plant computer systems are no accessible even to insiders who might try to disrupt operations.

Duke Energy said in it’s statement, “…we continuously perform plan assessments and update our plans and implement new standards/controls as needed….”

Moss says the FBI is being proactive in cyber-security but she says every single person needs to be aware every time they go on line.

And that, she said, is what keeps her up worrying at night.

“The concern that we are not going to convince people that it really is the average person who can make a difference in this crime.”