Drone attack on Pennsylvania substation should prompt increased industry/government preparedness

Situated directly between the busy Muir Army Airfield and the Harrisburg International Airport is the town of Hershey, Pennsylvania. Famous for its chocolate, the town has a registered trade name of “The Sweetest Place on Earth.” It is now also home to what is being called “the first known instance of a modified UAS [unmanned aerial system] likely being used in the United States to specifically target energy infrastructure,” according to a Joint Intelligence Bulletin (JIB) published last month by The Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the National Counterterrorism Center (NCTC).

The bulletin was unclassified but law enforcement sensitive (LES) and was not intended to be made public. ABC News obtained a copy of the bulletin and was the first to break the news about it, followed by numerous other media outlets. The bulletin described the drone as a commercially available “Mavic 2” manufactured in China by Da Jiang Innovations (DJI). The drone had been modified to remove its camera and other identifying features and was found on the roof of a building adjacent to an electrical substation. Tied to the drone were two 4-foot pieces of nylon twine connected to a length of stiff copper wire. The drone operator was likely trying to drape the copper wire between the conductors in the substation to create a fault in the system, subsequently disrupting the operation of the substation and possibly damaging the electric infrastructure.

Most electric substations are constructed to protect against objects and events that cause electrical faults in the system. The industry uses fuses, circuit breakers, and a wide range of protective relays that will trip to interrupt the current of an electrical fault that would otherwise cause permanent damage to electric infrastructure.

Some of the “objects” that most often cause faults include squirrels, snakes, and wind-blown debris and one of the most prominent “events” in the U.S. that causes faults is natural lightning. Most electrical substations have installed lightning arrestors and grounding devices to protect against the voltage surges from lightning and some (though not nearly enough) have taken the initiative to install special protection against voltage surges from electromagnetic pulse (EMP).

Many substations can be monitored remotely from control centers to help identify where a fault may have occurred. Temporary faults can be corrected directly through logic programmed into the protection devices or remotely by the control center. For permanent faults, the control centers normally have a process to reconfigure the electric grid where they will re-route power around temporarily downed substations or sections of the grid where the fault is present.

An electrical outage caused by a drone attack like the one apparently planned in Pennsylvania could cause a “permanent fault” in the substation – one that could not be corrected remotely. In this scenario, the utility must send workers out to the substation to conduct an assessment and then dislodge the copper wire before bringing the substation back into service. This means that the outage could last hours.

The moment a utility discovered that an act of sabotage caused an outage, it should immediately inform law enforcement to begin an investigation. That investigation may lengthen the electric outage depending on many factors ranging from the safety of the site, availability of evidence, and the working relationship of law enforcement personnel/investigators and their utility partners. Therefore, it is important for utilities to proactively work with law enforcement before events such as these.

When judging the potential severity of the Hershey, Pennsylvania drone attack scenario it would be important to understand what the targeted substation supports. If it were a residential neighborhood or local shopping center, the effects on society would be limited. On the other hand, if it supported critical life sustaining infrastructure such as water/wastewater treatment plants, major transportation or communication hubs, or hospitals/healthcare centers, the effects could be much worse.

This is why it is prudent for those critical infrastructures to maintain resilient back-up sources of electrical power, as recommended by the DHS Cybersecurity and Infrastructure Security Agency (CISA)-led Resilient Power Working Group.

Utilities concerned about drone attacks can enhance their preparedness by conducting a triage to determine the criticality of their substations and their vulnerabilities to sabotage by either ground or air. Physical security barriers and ballistic protection should be installed to protect major transformers at these critical substations.

Cameras, movement sensors, and drone detection technologies should be installed as well, to enable grid operators to rapidly gain an understanding of why a critical substation might experience an outage, thereby enhancing their preparedness to respond and restore power.

While it is physically impossible and financially impractical to protect every single asset against every single threat, there aren’t presently enough mandatory security and protection standards for the electric industry to sufficiently guard its infrastructure.

Two of the most frightening attack scenarios (either by air or by ground) against substations would be that of a coordinated simultaneous attack against multiple substations or an effective attack against substations providing offsite power to nuclear power plants. The first could overwhelm utilities and cause a cascading blackout that could be very long lasting. An attack on a substation providing of off-site power to a nuclear power plant is worrisome because of past reliability issues with the “last resort” emergency diesel generators that keep the reactor and its spent nuclear fuel safe in the event of an outage.

While nuclear plants themselves are exceptionally well-guarded this may not be the case for sources of offsite power. Experts recently recommended that the Federal Energy Regulatory Commission (FERC) create a special task force to ensure that substations supporting offsite power to nuclear plants be assessed for vulnerabilities and immediately protected. This assessment should include physical and drone attack vulnerabilities.

There is a final worrisome scenario not mentioned in the recent Joint Intelligence Bulletin, but that has great significance to the energy industry: the use of foreign-made robotics in both ground and aerial assessments as a platform for intelligence gathering by adversaries. For example, drones are now utilized to inspect powerlines and substation installations and wire-crawling robots inspect and make repairs to transmission lines. Ground and aerial robotics are utilized for direct installation, repair, and corridor maintenance.

Many of these systems are made in, or source key technology components from, foreign countries. Foreign adversaries can utilize this technology to aid in planning attacks on our grid. For example Chinese drone-maker DJI was suspected of collecting and storing data from unsuspecting drone operators in unsecured cloud repositories.

This information can be utilized to not only assess grid equipment condition and vulnerability but may also be used to identify targets and aid planning for cyber or physical attacks. Less obviously, many foreign drones also require that these devices “phone home” to authorize each operation to comply with airspace regulations and license agreements. This forced collection of metadata provides information about the location, frequency, and other operations data that can be analyzed for vulnerabilities.

Experts warned both the Trump Administration Department of Energy and the Biden Administration’s Secretary of Energy about this worrisome vulnerability, requesting the government “prohibit the use of robotics, including drones, that introduce and highlight grid vulnerabilities.” Thus far there has been no prohibition put into place and utilities are often incentivized to just use the cheapest technologies on the market for these important maintenance tasks.

America’s adversaries have long known that America’s Achilles heel is its vulnerable electric grid. The latest revelation of a suspected drone attack in Pennsylvania ought to prompt rapid government and industry action to protect energy infrastructure and plan for its restoration in the event of a major attack. Unfortunately, at the federal level the response has been slow to say the least.

At the local level, law enforcement should work to establish close relationships with industry leaders and develop a thorough understanding of which substations support critical infrastructure in their area of operations. Some states, such as Florida, have laws criminalizing the use of drones to trespass on critical infrastructure facilities. More states should consider the passage of such laws, to enable local and state law enforcement to act judiciously when responding to potential drone threats to critical infrastructure.