Quietly, this Idaho lab is keeping U.S. secure

In the early evening of Dec. 23, 2015, computer hackers launched three attacks – 30 minutes apart – on power companies in the Ukraine. As helpless power officials watched, unknown assailants seized control of their systems and shut down power to roughly 230,000 customers, leaving them in the cold and dark.

Power was restored to most customers within six hours, but experts say the next attack, wherever it comes, could be far worse.

While the incident in Ukraine served as a wakeup call to many, for those at Idaho National Laboratory who have long been working to protect the American power grid and make it more resilient to attack, what took place last December only confirmed what they already knew: It can happen here.

“INL is known internationally for its expertise in securing critical infrastructure from cyber threats,” said Brent Stacey, INL’s associate laboratory director for national and homeland security. “Our nation faces an urgent challenge because a disruption of our power grid would have a dramatic impact on society.”

Disabling the power supply has the potential to halt air traffic control, subway systems, traffic lights, cell phone coverage and water and food supplies.

In 2007, during a demonstration that took place at INL, the U.S. government showed how hackers could take down a power plant by physically destroying a generator using just a few lines of code.

Some at the time dismissed that scenario as far-fetched, alarmist even. Nine years later, and with the Ukrainian hack fresh in everybody’s minds, there is universal agreement, among the political left, right and center, that protecting this nation’s critical infrastructure – and better equipping it to handle attacks that will come – is one of the nation’s highest priorities.

“In the United States, frequently we take our grid’s dependability and security for granted and far too often, it is not until the lights go dark, that we truly take time to consider the grid,” Idaho Sen. James Risch told his colleagues on Capitol Hill recently.

INL infrastructure

and expertise

INL Director Mark Peters is a geologist who has spent many years in the Department of Energy’s national laboratory system. So, when Peters came to INL on Oct. 1, 2015, he was well-versed in its lead nuclear research lab status and extensive work in broader clean energy.

Peters, however, will admit that he did not fully appreciate how extensive INL’s national and homeland security efforts were until he experienced them firsthand.

“This is critically important work, to every single person living in the country, and it never stops,” Peters said. “It’s 24-7, and it has to be. Technology is constantly changing and someone is always out there, planning new ways to do us harm. And we’re constantly working to stop them.”

Ask the average Idahoan about INL and it’s a safe bet that a vast majority have no idea of the state-of-the art facilities available and expertise being employed every day to keep this nation’s critical infrastructure safe from cyber threats:

* Since 2003, INL has operated a comprehensive wireless test bed across its 890 square-mile site in eastern Idaho. This allows for at-scale testing and validation that can be found nowhere else.

Through the wireless test bed, INL has blazed a trail for secure wireless communication and innovation.

* INL employs the foremost cyber and industrial control systems experts in the world. These folks work with industries around the globe to help them understand – and mitigate – cyber and physical security risks.

Why is this so important? Roughly 80 percent of the U.S. power grid is owned and operated by private companies that are working to update systems vulnerable to new technologies. Also, because many U.S. systems are fully automated, recovery from a cyberattack could be much more difficult and time-consuming than what took place in Ukraine, where much of the system could be mechanically restarted.

* At INL’s Critical Infrastructure Test Range, full-scale infrastructure systems can be analyzed and tested under real-world conditions. The 2007 demonstration that proved a cyberattack could destroy critical infrastructure took place here. Since the “Aurora Project Test,” the test range has helped industry and the government through training, hygiene and development of innovative technologies.

* The site is often compared to a small city or state, with 111 miles of transmission and distribution lines complete with seven substations. This enables power companies to conduct real-time, at-scale, independent testing.

INL continues to enhance its capabilities to assist utilities with a variety of components, including smart grid testing.

The lab’s focus and capabilities are not on the incidental hacker, the curious wanderer who stumbles into a system. INL experts and infrastructure are designed to address, on a grand scale that involves at-scale testing and real-world scenarios, the sophistical hacker, similar to those who invaded the Ukraine system with the intent to do harm.

Stacey, speaking to a congressional committee earlier this year, outlined the principles and threat trends upon which INL’s control systems cybersecurity research is founded: The cyber threat is here, it’s real and it needs to be dealt with; sophisticated and determined adversaries will get into our control systems, and in fact already have; those in control of these systems – aided by research conducted at INL and other national labs – must use the advantages they have, a detailed knowledge of our processes and engineering, to make them as resilient as possible.

What they’re

doing in D.C.

Policymakers are listening. Sen. Risch recently introduced the Securing Energy Infrastructure Act of 2016 along with three colleagues: Sen. Angus King, I-Maine; Sen. Susan Collins, R-Maine; and Sen. Martin Heinrich, D-N.M.

This group of lawmakers, from across the political spectrum, are privy to intelligence briefings that describe the threat as the federal government understands it. That motivates them to address an issue of which the American public remains largely unaware.

“It’s not by coincidence that all four of us are on the Intelligence Committee,” Risch said.

Risch’s legislation “would seek to prevent cyber-attacks from disrupting the U.S. energy grid by isolating the grid’s most critical control systems,” and “examine ways to replace some automated systems with manual ones.” Making use of “retro-technology,” by allowing power to be restored by flipping old-style circuit breakers, was a lesson Risch and his colleagues learned from the incident in Ukraine.

Finally, the bill would establish a two-year pilot program within the national laboratories to identify security vulnerabilities, research and test technology and, ultimately, “develop a national cyber-informed strategy to isolate the energy grid from attacks.”

“We are now faced with the need to enhance our infrastructure security that it can better detect, resist, absorb and respond to the most sophisticated cyberattacks,” Stacey said.

Looking to the future

As you sit in an air-conditioned home, watching television or catching up with events on your computer, INL researchers, technicians, engineers and support staff are working with industry, government and academia to make sure our systems are safe and resilient. These folks work around the clock to protect the present and respond to adverse events.

But the lab, though its research, growing expertise and unique facilities, is also looking to the future.

Because cybersecurity is an area of major growth at INL, and throughout the nation, there is a shortage of qualified, educated and experienced people to protect the nation’s critical infrastructure.

While INL hires the best and brightest from around the globe, this is Idaho’s national laboratory and there is a strong desire to have as much of INL’s future workforce as possible come out of our own communities.

In order to be successful in combating this grand cyber challenge, INL requires a trained, elite workforce. And so the lab is working individually and collectively with all three of Idaho’s universities to develop and train the workforce of the future.

This collaboration with Idaho’s universities offers their students a chance to develop careers in a field that continues to evolve and grow, pays well and allows them to serve their communities by protecting the critical infrastructure their friends, families and neighbors depend upon every day.

“Reality is that as we continue to automate our lives, the cyber threat grows,” Peters said. “It’s vital that everyone, those of us in these positions now and those who will work to protect our critical infrastructure in the future, rise to the challenge because the consequences of failure could be catastrophic.”