The Increasing Risk to Energy Substations in the U.S. and the Role of RF Sensing in Security

The U.S. Department of Energy is growing increasingly concerned as attacks on substations are becoming more frequent — and more severe.

With the rise of both physical and cyberattacks against the U.S. power grid, there's a pressing need for more and better security at all layers of utility. Recent incidents throughout the Pacific Northwest and other states saw power cut to tens of thousands of customers each time, causing major inconveniences.

But who is attacking, and why? As we look forward, how can we better protect the U.S. power grid from bad actors?

Attacks on U.S. Energy Substations Have Reached a New High

Attacks and other suspicious activity at U.S. power stations reached a new high last year. "[There were] more than 100 reported incidents in the first eight months of 2022," Time Magazine reported. "Since then, there have been at least 18 more publicly reported attacks or potential attacks on substations and power plants in Florida, North Carolina, Oregon, South Carolina, and Washington."

The reasons for these attacks are varied and not fully understood by law enforcement.

These types of physical threats are expected to continue, too. And when coupled with a rise in cyberattacks, the U.S. power grid, as well as citizens, are at risk of sustained inconvenience which may eventually lead to more severe outcomes.

The Vulnerabilities of Substations

The most prevalent vulnerability in terms of physical attacks on substations is that they're insufficiently protected. The U.S power grid is massive, hosting over 55,000 substations across all 50 states — and it's not unusual for there to be a lack of security presence at any given one.

Compliance Issues
Ambiguity among the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards makes it difficult for energy asset owners to address compliance issues.

In a white paper titled "Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards," authors note, "Because the applicability of CIP Standards to wireless is ambiguous, compliance conflicts potentially exist among CIP Standards, other federal regulations (e.g., Federal Communications Commission [FCC] regulations), and a utility's normal or emergency operational protocol."

Mobile devices that are capable of unauthorized wireless connectivity, with wired and wireless interfaces, are able to access a CIP-protected cyber asset within the Electronic Security Perimeters (ESP). And because regulations for physical security and cybersecurity are not written by federal regulators, but by the utilities themselves, they can only be accepted or rejected by regulators.

This is where wireless situational awareness can add a layer of protection.

How Wireless Monitoring Improves Physical and Cybersecurity for Substations

With more than 55,000 substations in America vulnerable to physical attack, utilities and regulators are looking for options to deter threats. As almost everyone carries a smart device with a unique RF signature, the ability to detect and locate unauthorized persons in a restricted area can be accomplished by a rogue wireless detection system, like Epiq Solutions' Flying Fox. Sophisticated RF detection with a few sensors can produce alerts to unauthorized access as well as forensic data that can be used to find and prosecute an attacker.

With the power grid increasingly controlled and monitored by electronic means, risks to the grid from a cyberattack are escalating. Cyber risks can come via connection to the internet, but with improved hardening of critical networks, would-be attackers are using physical insertion to gain access. Attackers make use of an unauthorized wireless device attached to critical equipment or networks which are then used for remote exploitation. Even misconfigured equipment with IoT capability can be a vector for attack. A full and persistent RF scan of critical infrastructure is the best way for utilities to maintain situational awareness of wireless threats that would otherwise be largely undetectable.

Epiq Solutions specializes in ultra-compact software-defined radios and RF sensing technology that is used to monitor and protect some of the most sensitive spaces in the United States.

Whether you're looking for protection from rogue wireless devices, rogue base stations, or even more sophisticated wireless threats, Epiq Solutions' technology is probably at work there already.

Contact an RF expert to see how you can benefit from RF sensing to protect critical spaces, equipment, and systems.