As if you didn’t have enough to worry about between the pandemic, the murder hornets, and the creepy robots that will probably rise up against us any day. Now you can add massive blackouts caused by cyberattacks on our energy grid to the list. That’s the message that was being put out by our new Energy Department Secretary Jennifer Granholm this weekend. She appeared on Jake Tapper’s show on CNN Sunday morning and painted a rather scary picture of “malign actors” among our adversaries, including the Russians, who are regularly launching cyberattacks and trying to shut down the United States power grid. And at least in the estimation of some security experts, they may have the ability to do it. So why do you still have enough electricity and web access to be reading this article? Well, we may have simply gotten lucky thus far. (The Hill)
Energy Secretary Jennifer Granholm (D) said on Sunday that adversaries of the U.S. have the capability of shutting down the country’s power grid.
“Yes, they do,” she said on CNN’s “State of the Union” when asked if U.S. adversaries had such a capability.
“I think that there are very malign actors who are trying. Even as we speak, there are thousands of attacks on all aspects of the energy sector and the private sector, generally,” Granholm added. “It’s happening all the time. And this is why the private sector and the public sector have to work together.”
We can leave aside for the moment the irony of having an American Secretary of Energy who is actively opposed to America’s most dominant form of energy generation. (The oil and gas industry.) The topic at hand is quite real and needs to be addressed responsibly.
Granholm went on to say that Joe Biden is working with other countries all around the world to combat this threat. She somewhat hilariously included Russia on that list, saying that the Kremlin doesn’t want to be “attacked by malign actors, by rogue non-state actors, not to mention state actors.” I’ll grant you that there are non-state bad actors in many places, especially in Africa. But some of the worst incidents of cyberattacks have been documented as coming from both state and non-state players in Russia, where it’s often difficult to tell the two apart. And if the Russians have any interest in stopping hackers in their own country from attacking targets among their adversaries (including the United States) they certainly haven’t done much to demonstrate it.
She also said that the administration is opposed to anyone from either the public or private sector paying money to ransomware attackers because it “just encourages the bad guys.” While I understand the thinking behind that statement, it’s not of much use for targets like Colonial Pipeline who were totally shut down until they paid more than 4 million dollars to a group of hackers last month. What we need to figure out is why we are so far behind the curve in the cyber warfare field and seemingly unable to defend ourselves.
I’ve been advocating for years on the issue of toughening up and “smartening” the American energy grid. This should be done to prevent massive, multi-state blackouts when energy supplies fall below a certain level, as well as manage the sharing of electricity more efficiently. But at the same time, one of the reasons we’re not getting hit with the sort of blackout attacks Granholm is talking about is that our grid is still so “dumb.” There are some areas where we’re exposed to mischief from hackers and problems have cropped up. But much of the grid still relies on functions that boil down to somebody walking into a power station and throwing a breaker or pushing a button. Those sort of systems can’t really be tampered with too much via the internet. But the day is coming when those vulnerabilities will expand.
One person who sounds like he knows the answer (and a possible solution) is former Director of National Intelligence John Ratcliffe. He went on Fox News this weekend to talk about why cyberattacks seem to be so successful. Ratcliffe said that Homeland Security is currently the principal agency responsible for defending against and responding to cyberattacks. But he claims that the agency is ill-equipped and essentially unable to defend against cyberattacks such as the ones under discussion. Ratcliffe claims that the only agency with the proper resources and talent to attack this problem is the NSA, but by law, they are not allowed to engage in such digital warfare.
That should be a problem that’s fixable if Congress is interested in getting serious about this. Either change the laws to allow the NSA to take the lead in fighting cyber warfare or, if that’s not constitutionally doable, transfer some of the needed talent and resources to Homeland Security so we have our best and brightest working on this. Is that really so difficult to figure out and accomplish?