Wednesday, July 08, 2015

Attack on U.S. Electrical Grid Could Cost $1 Trillion

[LP note: An excellent argument for diversifying energy production and distribution through solar, wind, geothermal, hydropower, etc.]

By Ben DiPietro, WSJ

The economic damage to the world economy from a cyberattack on the U.S. power grid would total between $243 billion to more than $1 trillion, depending on the nature and severity of the attack, according to a report released Wednesday.

The report, “Business Blackout,” from insurance market Lloyd’s and the University of Cambridge’s Centre for Risk Studies, looks at the damage that would follow an attack on the part of the U.S. power grid serving the area between New York and Washington, D.C.

The report’s authors said describing a detailed scenario devised by experts provides the public rare insight about the threat of a cyberattack against critical infrastructure, and highlights the vulnerability of the power grid to cyberattack. The report is based on a “plausible but extreme” scenario in which a sophisticated group of hackers is able to compromise the electrical grid, said Nick Beecroft, manager of emerging risk and research at Lloyd’s.

“We have done a number of these kinds of studies about emerging risks so we can have an idea of what we need in terms of capital to support what the insurance syndicates may be asked to underwrite,” said Mr. Beecroft. Regulators in the U.S. and U.K. require insurers to make models for risks that have a one-in-200 probability of occurring, and the scenario in the report is based on such a probability, he said.

Based on the size and scope of the attack outlined in the report, insurance companies would face total claims of between $21 billion in a core scenario and up to $71 billion in the most extreme variant. The numbers are comparable to the scale of claims to be expected from a major natural disaster. A total of 32 lines of insurance would likely experience some increase in claims, with eight of these lines experiencing a substantial increases in claims, the report said.

In laying out a possible attack scenario, Tom Bolt, director of performance management at Lloyd’s, said the goal was to make the information in the scenario realistic but not provide so much detail that a bad actor could use the information as a “cook book” to launch an attack. The report spells out three potential outcomes that are based in part on how well the responses are to an attack.

In the attack cited in the report, the attackers gain access to electrical generation control rooms, but are only able to break into 50 large industrial steam or turbine generators along the East Coast corridor, with several hundred others protected by defense systems and other protections. The 50 generators that are infiltrated–each costing between $1 million and $50 million–catch fire and are shut down, causing a widespread blackout. In the best-case scenario, power is restored to 90% of affected areas within two weeks; in the worst-case scenario, it takes four weeks.

(More here.)


Blogger Minnesota Central said...

Congressional inaction could cost us.

Last session, the House had a bill H.R. 2427 Secure High-voltage Infrastructure for Electricity from Lethal Damage Act (or SHIELD Act) but failed to hold a hearing despite getting over 30 co-sponsors including John Kline. I sent an email to Tim Walz about it ... but like most of my emails, I get no response ...

Funny thing is if go to Goggle and type in SHIELD ACT it tells you that there is a site with a warning "This site may be hacked" ... shouldn't that tell Congress that "their" watching us.

8:20 AM  

Post a Comment

<< Home