I just ordered this book. Sounds very interesting. Thanks for the recommendation.
But I have to wonder… what’s to stop a terrorist from reading this book and getting ideas on where “hit” our electric grid? 
Hopefully that some of our good guys will also read the book and protect it.
Bad guys will always find holes in security with or without help, it is the good guys that are complacent with their security that need to be reminded how vulnerable we are.
Most terrorist attaacks aren’t so indirect. In fact, I can’t think of any that were. They always either kill people or threaten to. Knocking out a power line mostly just inconveniences people. So I don’t expect any terrorist attacks against the grid. The biggest danger to the grid is from natural disasters. Or people who think the grid is in danger from terrorists.
I read an article about Grid Assurance and it mentions one of the main reasons for its creation was the Metcalf sniper attack. This was an attack on a substation in California where some unknown persons used small arms to damage the facility. It seems to have been a well organized attack. The real question is what was the motive.
There was no money there to steal and they didn’t try to extort anything from the utility company, so money doesn’t seem to be the motive. So was it a terrorist attack? Who did they terrorize? The president of the utility? While the people in charge of power companies were concerned, your average person was not unduly alarmed by this attack. So it was not a typical terrorist attack and probably not one at all.
My theory is that it was done by someone intending to highlight the vulnerability of the grid. And that someone was almost certainly in a position of power within the US. Probably got some black ops people to actually carry it out.
My thought was that anything you do to the generator would probably end up just tripping it offline. I see from reading through that article that they intentionally disabled the protective relays that would normally trip the generator.
That’s cheating. 
IMHO, it isn’t a hacking test if you have physical access to the machine. The idea is to determine how vulnerable the plant is from outside hacking just through the computer networks.
If you have people working inside various power plants to commit sabotage, that’s a whole different ball game. At that point, there are much easier ways to take down the plant than bypassing protective relays and then hacking into the controls.
I haven’t read the book, and have no reason to doubt the conclusions, but when old transformers are replaced, they are typically replaced with something a quarter the size, and even less weight.
My theory is that it was done by someone who didn’t have any old telephone lines / insulators to shoot at. Or even squirrels.
Or a couple of bored teenagers with hunting rifles.
Which is more likely?
They way the attack was conducted reeks of professionalism. I think there’s almost no way that bored teenagers could have done this. At least not without getting caught because they bragged about it somewhere.
A sidenote to this discussion regarding re-building after such a catastrophe.
Some of the discussion about rebuilding seems to me like the statements decades ago that “it’s just not possible to have people making millions of long-distance phone calls every day – you could never hire enough switchboard operators to make the system work!” But of course, it happens every day, because the system was rebuilt so that operators are very seldom needed.
Thus huge transformers that aren’t built any more, and even the railroad cars to transport them aren’t even around anymore – they would not be replaced in the same way. More modern equipment would be used, and the circuits redesigned to be more decentralized. That is what they must be doing in the electrical grid already, otherwise they would still be building those huge transformers to handle the growing electrical demand. They must be doing it some other way, with newer, modern equipment that is smaller & lighter, and can be transported via standard railroad cars or semi-trucks.
While it would still be a huge catastrophe, and big delays till things are rebuilt, it’s not un-doable. The engineers would take the opportunity to rebuild it ‘the right way’, using their modern designs. I worked on a lot of very old computer systems during the Year-2K crisis, and many old COBOL programs were patched, redesigned, and improved enough that they were still in use years later. Or consider the Puerto Rico electrical grid – over 80% destroyed in the hurricanes, but being rebuilt in a much more robust way – Many smaller, localized grids, with some self-sustainable local power sources (mostly solar panels). When it’s finished, it will be much better. (If it’s ever finished, given the inadequate Federal reaction. But that’s a Great Debates issue.)
Are substations lit up at night? If not, they can’t see the targets all that well.
Bored teenagers first cut phone lines and then have a lookout? Prepared signals for when to start shooting and when to stop? Escape route so that an approaching police car won’t see them? And then to make all that work the first time?
Are either of these two groups likely to expend more than 100 rounds in 20 minutes? Methodically target the parts (oil cooling systems) that would cause the most damage (when the transformers overheat)? And not leave fingerprints on their brass? The conclusion of experts was an attack was by a team of professionals.
I watched them all. Fascinating, and thank you for the links.
You are correct that there is no reasonable way to defend yourself from either officials or criminals when disaster hits. Especially if it becomes apparent you have planned well ahead. Reading this blogger’s “lessons learned during Katrina” posts, it seems likely your friends and ne’er-do-well relatives will have ravaged your supplies long before the officials get their act together. Our changes are to simply increase the amount set aside, and to prep for managing without refrigeration (and very little cooking) for a lengthy period of time. According to what I read, you can only use a generator for a short time following a disaster – eventually it becomes a loud beacon drawing criminals and beggars to an apparent source of food. Trying to avoiding TMI and thread derailment, but we not only increased supply, but changed the plans and methods with an eye toward remaining quiet and unnoticed.
I’m so glad you said this! I hate hearing about this incident as the example of industrial cyberattack. They had physical access to the thing, they could have just thrown a wrench into it.
Agree.
I suppose one theory is that it was the work of a disgruntled employee. But disgruntled employees usually work alone, and more hastily.
I’m thinking there was a profit-motive behind it. If I were the FBI agent on this case, I would be investigating employees at companies that manufacture replacement transformers, along with their suppliers.
The European grid is supposed to be more resilient, newer and better maintained than the US one.
Nevertheless, a dozen years ago, a ship hitting and rupturing a single high tension line in Germany was enough to cause a black-out in a large part of Northern Europe (including here in Paris). The black out didn’t last (less than an hour here), but it still shows how vulnerable electric grids are. If a small incident can have this result, it cannot be too hard to cause a massive mess if you’re actively trying to.