Hurd: We must prevent foreign cyber attacks on Texas energy infrastructure

July 30, 2020
Editorial
By Will Hurd

Originally published in the Houston Chronicle on July 30, 2020.

A company owned by a member of the Chinese Communist Party — Guanghui Energy Company — may gain access to our power grid through a large wind farm in the Devil’s River Areas of West Texas, and the federal government is not moving fast enough to prevent it, and the state government lacks the power to stop it.

Texas’ power grid is a complex system connecting power generators to consumers through transmission and distribution networks across the state. For this complex system to be reliable, tools and techniques must estimate the state of the power grid at any one time. This prevents rolling black outs and ensures consumers get power when they need it.

When the Texas utility sector deregulated — resulting in the ability for any entity to provide power to the grid as long as their application was “administratively complete” — those involved did not predict a company friendly with a hostile foreign government would try to connect to our power grid. Allowing an adversary to connect to our power grid enables the attacker to perform a false data injection attack — where the attacker spoofs the system’s monitoring tools to falsely think activity is happening on the grid.

Usually, when a single power plant fails, a transmission line is cut, or a generator fails, other units throughout the system pick up the load. However, when demand for electricity is high, failures on the grid can lead to a cascade of breakdowns resulting in many people losing power. This scenario happened in August 2003 when a massive blackout impacted 50 million people in the Northeast. 

An analysis by the U.S.-Canada Power System Outage Task Force found that the 2003 blackout started “with a few generators going offline in northern Ohio because of mechanical trouble. The load was shifted to nearby generators, but overgrown trees made contact with overhead power lines, causing those lines to trip. Utility companies in the region didn’t have adequate monitoring systems in place, so workers failed to recognize the severity of the situation before generators across the region became overloaded and shut down.”

What if the power grid could be tricked into thinking this scenario was happening in order to bring part of our grid down for a finite period of time? Grid operators like the Electric Reliability Council of Texas are supposed to have procedures in place to prevent, detect and reverse this type of behavior. Most cyber professionals believe they can defend against attacks, but often — when tested by a sophisticated adversary — they fail. While I trust grid operators are doing what they think they should be doing, federal resources should be made available to help them verify they can defend against this type of attack. Congress should move swiftly to implement the concept of “Systemically Important Critical Infrastructure.” This idea and designation — recommended by the Cyberspace Solarium Commission — would enable the federal government to “bring to bear its unique authorities, resources, and intelligence capabilities to support” entities that operate systems like the power grid.

Additionally, once the owners of this West Texas project named Blue Hills Wind becomes part of the power community, they will gain access to security industry alerts, private industry insights and national security threat assessments. This could create the ultimate fox in the hen-house scenario, where we our giving an adversary our playbook and telling them which play we are running and when. The potential for a foreign government to access the Texas power grid would erode trust in the power community, and as Rob Lee, a pioneer in the industrial security incident response and CEO of Dragos, explains “community and trust are the best national defenses we have for the electric system.”

While SICI designation is a specific action to better protect our power grid, more general actions to counter the threat of the Chinese government can be taken. A retired U.S. general would be prevented by the Chinese government to buy land near a Chinese military base in mainland China, so why are we allowing a former general in the People’s Liberation Army of China to buy land in West Texas? We need a general policy of reciprocity — if American companies and investors are unable to do something in China, then Chinese companies and investors should be prevented from doing those same things here.

In 1975, President Gerald Ford created an inter-agency federal committee called the Committee on Foreign Investment in the United States to review the impact transactions involving foreign investments in the U.S. would have on national security. As the Blue Hills Wind project is meandering through this process many questions are being generated, but a few things we know: the Chinese government threatens global supply chains, steals American intellectual property and economically bullies smaller countries in an effort to become the world’s superpower by 2049. Through government state sponsorship the Chinese company Huawei has captured nearly 30 percent of the global 5G market, and the U.S. and our allies are scrambling to prevent Huawei from infiltrating telecommunications networks globally. We must act to prevent a similar scenario in our power markets.