ELECTRIC UTILITY SECTOR PHYSICAL THREATS (DBT) & RESPONSE PLANNING

Transcription

1 ELECTRIC UTILITY SECTOR PHYSICAL THREATS (DBT) & RESPONSE PLANNING Helping to keep the lights on, businesses running and communities strong 1

2 Objectives The Utility Business has Changed Methodology Program Best Practices Resiliency Public/Private Partnerships 2

3 Electric utility industry concerns

4 Electric utility industry concerns Casual Adversary Copper theft Vandalism Determined Adversary Surveillance Probing Sabotage Types of Adversaries

5 Electric utility industry attack - International First Time In History, A Terrorist Attack On The Electric Power Grid Has Blacked-out An Entire Nation In This Case Yemen. June 9, 2014, AP

6 Electric utility industry attack - International Militant Attack Plunges Pakistan Into Darkness Some 140 million people were left without electricity after a transmission line was attacked, knocking out the national grid. January 26, 2015, AP

7 Electric utility industry attack - International Michoacán, Mexico Organized gang/terrorist attack Multiple substations simultaneously attacked with Molotov cocktails Approximately 1 million people affected 15-hour power outage lead to additional criminal activities by gangs

8 Bulk Electric System (BES) Attacks - PG&E Metcalf SS-California Source The Wall Street Journal 8

9 Jason Woodring Arkansas subject National news headline Oct. 12, 2013 FBI Joint Terrorism Task Force Arrest Suspect In Power Grid Sabotage Attacks Suspect indicted Nov. 6, 2013 by a federal grand jury on eight counts related to his attacks on the power grid in Central Arkansas. Woodring is currently in federal custody. 3 Major Incidents: Lattice Tower Incident Destroying Control House Cutting down Power Poles

10 Explosive/fire bomb - Arizona Western Area Power Substation in Arizona Incendiary Explosive Device placed at base of fuel tank located in a generation substation Lessons Learned: IEDs are usually set up as distraction charges More than one to distract attention

11 Wisconsin shooting February 14, 2015 Transformer Shooting Clintonville, Shawano County, WI Outage interrupted 1800 customers

12 Tower downing in Wisconsin Oak Creek 2004 Unsolved

13 Pole Mounted Switch attack Wisconsin Unsolved Outage affected 2300 customers

14 Criminal / Vandals The thieves generally steal copper grounding straps, transmission lines and copper control cables from substations.

15 Threats analyzed Domestic terrorist Ecological, militia/paramilitary, ideological, fanaticism International terrorist Criminals Thieves, gangs, vandals, protesters Rogue (lone wolf) Insider Employees, contractors, consultants Tracked using Threat Based Intelligence Initiative A Corporate Security System with information support from law enforcement, DHS, FBI, Utilities, Others 15

16 Likelihood is not the same as probability Adversary Capability including: - Access to region - Material resources - Technical skills - Planning - Finances Adversary History including: - Historic Interest - Historic Attacks - Current interest in site - Current Surveillance (Intel Known) - Documented Threats Relative Attractiveness of Asset to Adversary: - Desired level of consequence - Ideology - Ease of Attack 16

17 Linked threat intelligence Value of intelligence linkage: Utility: Reduces incidents in our footprint Make information available to field personnel Law enforcement: Eases their investigative burden Increases likelihood of a conviction

18 Consequences gauging bad outcomes Outage people in the dark Reliability load loss Market commerce Repair ratepayer impacts Public safety loss of essential societal services Worker safety employees and contractors at risk Public confidence government oversight and public 18

19 Resiliency (how do we recover?) Physical and Cyber Security cannot protect against a determined adversary. Risk is never zero. Response Planning Resiliency for Black Sky Events Logistics, Communication, Cyber Security, Physical Security, Exercise Plan Resiliency (spare equipment) is a cost effective part of all plans. This is our spare tire in the trunk. Incremental spares above emergency level (preliminary) Control house Additional spare transformers Additional spare breakers Bushings Transformer parts Control cables 19

20 Public/Private Partnerships Law Enforcement Agency Specific Partnerships Asks: Understand importance of infrastructure Create jurisdictional response plans Protect information Develop and exercise response plan in accordance with safety guidance provided Execute plan during an incident Notify substation owner of an incident

21 Public/Private Partnerships Government and more recently Utility Industry have consistently adopted a risk based approach DOE, FERC, NERC, PSCW, and legislators have been briefed on this approach Sponsor and provide training for adjacent utilities on proven Risk Assessment Methodologies to obtain a consistent approach to physical security within regional footprints Participate in the North American Transmission Forum (NATF) Physical Security Working Group to lead and ensure consistency with industry Briefings, working groups, response planning with National Guard, Emergency Management, Fusion Centers, Local/State/Federal Law Enforcement, DSAC, Counter Intelligence

22 Physical security strategy summary Intelligence Corporate Security/law enforcement Track evolving threats using Threat-Based Intelligence Initiative Deterrent Enhanced perimeter - expanded metal fence/concrete wall Detect Substation cameras with full analytics, alarm systems, exterior perimeter detection Delay Access control, security alarm systems, cabinet locks, hardened control house, enhanced perimeter Response Verify alarms, communicate with law enforcement, utilize response plans Resiliency Spare equipment 22

23 Questions? Contact Information: Dale M. Steffes, Sr. Security Specialist / dsteffes@ Helping to keep the lights on, businesses running and communities strong 23