EMP Effects on the Power Grid versus Cyber Attack

We live in a marvelous time where technological advancements have boundlessly expanded human capabilities and opportunities. Unfortunately, we also live in a time where the specter of electromagnetic pulses (EMPs) looms as a stark reminder of our vulnerability. An EMP is a brief, intense burst of electromagnetic energy produced by certain high-energy events, such as a nuclear detonation in the upper atmosphere, or by a suddenly changing magnetic field. The concept, while sounding like something straight out of a science fiction novel, carries significant implications for modern society.

EMPs can disrupt or destroy electronic devices and systems, potentially crippling infrastructure, communication networks, and any technology reliant on electricity. The pulse works by inducing large voltages and currents in anything that acts as an antenna (long transmission lines, cabling, circuit traces), overwhelming circuits and rendering them inoperative. The range and severity of an EMP's effects vary with the altitude and yield of the explosion. For a high-altitude burst the affected region is roughly the area within line of sight of the detonation, so the higher the altitude, the larger the land area affected.

The threat of EMPs is certainly dramatic.  Experts consider the likelihood of such an attack on the United States to be low. The complexity of executing an EMP attack, together with the global ramifications of detonating nuclear weapons, places it firmly in the realm of extreme scenarios. However, it serves as a theoretical benchmark for understanding vulnerabilities within the national power grid. 

By contrast, a more plausible threat to the U.S. power grid comes from cyber-attacks and physical sabotage. Unlike the broad, indiscriminate impact of an EMP, targeted attacks on the power grid can be conducted by nation-state actors, terrorist groups, or even skilled individuals. These attacks can disrupt power supply, damage infrastructure, and incite chaos without a nuclear weapon. The barrier to entry is significantly lower.

The power grid (a complex network of power plants, transmission lines, and distribution centers) is integral to the functioning of the country. Therefore, it is a tempting target for our adversaries. Cyber-attacks, in particular, have become increasingly sophisticated, with attackers exploiting vulnerabilities in software and hardware to gain control over systems, shut down operations, or even cause physical damage. According to a report from the security firm Armis, global attack attempts on utilities increased 200% in 2023 compared to 2022.

Comparing an EMP scenario with the more likely threat of cyber-attacks or physical sabotage on the power grid highlights significant differences in preparedness and response. While the former requires hardening electronics and infrastructure against an overwhelming and indiscriminate force, the latter necessitates robust cybersecurity measures, physical security enhancements, and continuous monitoring of the grid's health. Today the strategy most widely adopted against the cyber threat is called "Zero Trust."

Zero Trust is a security strategy built on three principles. First, every request is verified explicitly, even when it originates inside the corporate network, behind the firewall. It's like going to Costco: you need to show your membership card to get in and again to check out. Second, least privilege: users get access only to the areas necessary to do their job. And third, in a Zero Trust environment, the designers assume a breach has already happened and structure the network so that the damage an incident can cause is limited.

The U.S. government and utility companies have recognized these threats. The Executive Branch has directed federal agencies toward Zero Trust architecture (Executive Order 14028 of May 2021). Such an initiative includes upgrading existing cyber defenses from default-allow to default-deny; conducting regular vulnerability assessments; and participating in national grid security exercises. These efforts aim to mitigate the risks posed by targeted attacks, ensuring the resilience and reliability of the power grid.

While the concept of an EMP attack captures the imagination with its catastrophic potential, the reality is that more mundane threats pose a greater risk to the U.S. power grid. Cyber-attacks and physical sabotage represent tangible, immediate challenges that require ongoing attention and resources to defend against. By understanding and implementing a Zero-Trust approach for these likely scenarios, the United States can ensure the stability and security of its power grid against the evolving landscape of threats in the digital age. 

Original article can be found here.

Layers of Defense Against the Plague

Plague. What an ugly word. So ugly, indeed, it is rarely used to depict anything less than apocalyptic. Now another word has come to define our masked, distant socializing: COVID-19.

My daughter (now living in distant Texas) told me over the phone she is SICK of COVID-19. Not with. Of. She came down with a cold last week and had to get a COVID-19 test. Just to be sure. She was livid. She threw her steel water bottle at the tile floor.

Your Immune System: I spoke to a friend in the medical field last week about how the COVID-19 vaccine works, and how our immune system uses it. He explained there are several layers of defense inside the body.

The Skin: The first layer of defense is the skin. It keeps most pathogens out of the body. Problem is, there are a couple of orifices through which a pathogen may enter. Primarily the nose and mouth.

Innate & Adaptive: Once inside, there are two main systems involved in eradicating the threat: the "innate" and the "adaptive". Newborn babies are immediately protected by the innate immune cells. Innate immune cells recognize "general" danger. The other system is the "adaptive" system. It's the one that recognizes specific pathogens.

Going Deeper: There are sublayers of these two systems. Bone marrow, the spleen, and the lymphatic system, among others less well known to the general public (due to social distancing, I'm sure). All are critical to our survival. If any of these additional layers malfunction, or cease to function, the results can be catastrophic.

Just Like Cyber Defense: By now you are wondering, this is all fine and good, but what does it have to do with computers? Let me explain. Our physiology uses two proven methodologies to protect us, both of which also apply to computer, network, and information security. One is "Defense in Depth", the other is "Zero Trust". It's kind of like this. Imagine if the only defense your body had against disease was your skin. How long do you think you'd survive?

Holes in Your Defense: Your skin is like the firewall of the body. You need it for sure. And it DOES keep out a lot of pathogens. But remember the two BIG weaknesses in that defensive layer of skin? You need to eat and breathe, so you can't close those ports. They have to remain open. And generally, that's how pathogens get in and you get sick. In like manner, the firewall you use on your network has two gaping holes that must stay open for the business to function: one for web traffic (HTTP/HTTPS) and one for email. And generally, that's how malware gets in and you get ransomware: a malicious download or a malicious attachment passes straight through the ports the firewall has to allow.

Antibodies: Once inside your body, a virus is detected as foreign and immediately attacked. Then the adaptive system builds a memory (memory cells and antibodies), so if that specific virus ever comes back, the time to eradication is significantly reduced. Your immune system can also fight pathogens your body has never seen before. Anything that isn't known by your body to be good is immediately attacked.

The Problem with Cyber Defense: Imagine if your body only eliminated those pathogens it KNEW were BAD. The human race would never survive. Unfortunately, this is EXACTLY the approach we've taken with computer and information security. The expensive firewall you have at the edge of your network is like your skin. Complete with two gaping holes for web and email access. Holes through which the pathogens enter your network. You have antivirus too. But it is a blocklist: it only stops what it KNOWS is bad. What about all the bad it doesn't know about? There's the problem. Because there are over 100,000 new malware variants EVERY DAY. 100,000 new malware variants your antivirus knows NOTHING about, cannot detect, and will not stop.

AppLocker: Just like the human race would never survive with that approach to pathogens, networks succumb to ransomware and other malware every day. For that very reason. They only stop what they know is bad. Fortunately, there is a solution. It's sitting in your operating system already. It will stop about 95% of all the new malware, even if it has never seen it before, because it turns the logic around: instead of blocking what is known to be bad, it only runs what you have approved (software in Program Files and Windows, or signed by publishers you trust) and denies everything else by default. It's the adaptive immune system of your computer. On Windows it's called AppLocker. But you have to enable it. It's turned off by default: it ships with no rules, and it only works once the Application Identity service is running. It is available on the Enterprise, Education, and Server editions of Windows, and the usual way to roll it out is Group Policy, starting in audit mode so you see what would be blocked before anything actually is. Microsoft now positions Windows Defender Application Control (WDAC) as AppLocker's successor, but the default-deny idea is the same.
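Here is what "turning it on" looks like, as an added example rather than CyberEye's own procedure: build a default-deny AppLocker policy for executables and scripts, dry-run it against real files, apply it in audit mode, review what it would have blocked, and only then flip it to enforcement. It assumes you run it as Administrator on an edition that supports AppLocker (Enterprise/Education/Server); the folder C:\AppLockerPolicy and the test file name are hypothetical.

```powershell
# Added example (not the article's or CyberEye's code). Assumes: Administrator,
# an AppLocker-capable Windows edition, and a writable C:\AppLockerPolicy folder.
# Folder and file names below are hypothetical.
Import-Module AppLocker

$policyDir  = 'C:\AppLockerPolicy'
$policyPath = Join-Path $policyDir 'applocker-audit.xml'
New-Item -ItemType Directory -Path $policyDir -Force | Out-Null

# 1. The policy. Default-deny is implicit: once a rule collection is enforced,
#    anything without a matching Allow rule gets "DeniedByDefault".
#    S-1-1-0 = Everyone, S-1-5-32-544 = Administrators. Deny beats Allow, so the
#    user-writable %WINDIR%\Temp (a classic hole in the default rules) is denied
#    explicitly. EnforcementMode="AuditOnly" logs instead of blocking. The Dll
#    collection is left out, which AppLocker treats as "not enforced".
$policyXml = @"
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="AuditOnly">
    <FilePathRule Id="$([guid]::NewGuid())" Name="Allow Program Files" Description="Installed software" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%PROGRAMFILES%\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="Allow Windows" Description="Operating system" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%WINDIR%\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="Deny Windows Temp" Description="User-writable path under Windows" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions><FilePathCondition Path="%WINDIR%\Temp\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="Admins run anything" Description="Local administrators" UserOrGroupSid="S-1-5-32-544" Action="Allow">
      <Conditions><FilePathCondition Path="*" /></Conditions>
    </FilePathRule>
  </RuleCollection>
  <RuleCollection Type="Script" EnforcementMode="AuditOnly">
    <FilePathRule Id="$([guid]::NewGuid())" Name="Allow Program Files scripts" Description="Installed software" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%PROGRAMFILES%\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="Allow Windows scripts" Description="Operating system" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%WINDIR%\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="Admins run any script" Description="Local administrators" UserOrGroupSid="S-1-5-32-544" Action="Allow">
      <Conditions><FilePathCondition Path="*" /></Conditions>
    </FilePathRule>
  </RuleCollection>
</AppLockerPolicy>
"@
Set-Content -Path $policyPath -Value $policyXml -Encoding UTF8

# 2. Dry run: evaluate real files without touching the machine. A copy of
#    notepad.exe in the user's TEMP folder stands in for an unknown download:
#    same bytes, wrong location, so a path-based policy denies it by default.
$sample = Join-Path $env:TEMP 'unknown-download.exe'
Copy-Item "$env:windir\System32\notepad.exe" $sample -Force
Test-AppLockerPolicy -XmlPolicy $policyPath -User Everyone -Path @("$env:windir\System32\notepad.exe", $sample) |
    Format-Table FilePath, PolicyDecision, MatchingRule -AutoSize

# 3. Apply locally (this replaces the local AppLocker policy; add -Merge to
#    combine with an existing one) and start the Application Identity service
#    AppLocker depends on. On recent builds Set-Service may be refused because
#    AppIDSvc is a protected service; the supported route is then
#    Group Policy > Security Settings > System Services.
Set-AppLockerPolicy -XmlPolicy $policyPath
Set-Service -Name AppIDSvc -StartupType Automatic -ErrorAction SilentlyContinue
Start-Service -Name AppIDSvc

# 4. After a few days in audit mode, review what would have been blocked:
#    event 8003 (EXE and DLL log) and 8006 (MSI and Script log) mean "would deny".
$wouldBlock = foreach ($q in @(
        @{LogName = 'Microsoft-Windows-AppLocker/EXE and DLL';    Id = 8003},
        @{LogName = 'Microsoft-Windows-AppLocker/MSI and Script'; Id = 8006})) {
    Get-WinEvent -FilterHashtable $q -ErrorAction SilentlyContinue
}
$wouldBlock | Select-Object TimeCreated, Id, Message | Sort-Object TimeCreated -Descending

# 5. Once the audit log contains only things you really want blocked, flip the
#    same policy to enforcement and re-apply it.
$enforcedPath = Join-Path $policyDir 'applocker-enforced.xml'
(Get-Content $policyPath -Raw) -replace 'EnforcementMode="AuditOnly"', 'EnforcementMode="Enabled"' |
    Set-Content -Path $enforcedPath -Encoding UTF8
# Set-AppLockerPolicy -XmlPolicy $enforcedPath
```

Two design points worth noting. Path rules are location-based, which is why the notepad copy in TEMP is denied while the original in System32 is allowed; they are easy to maintain but only as strong as the write permissions on the allowed folders, so any user-writable path under Program Files or Windows needs an explicit Deny like the one above (or publisher/hash rules instead). And audit mode is not optional in practice: going straight to enforcement on a machine with line-of-business software outside Program Files is how you break the business, which is exactly the "block on site" outcome the immune-system analogy warns about.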

Contact the CyberGuys from CyberEye about how to do that at no cost to you.