For more than a week now, America has been reckoning with the weaknesses of its energy distribution system, from insufficient pipeline protection to the need for new and improved power grid infrastructure. The May 7 cyber-attack on the Colonial Pipeline has shed new light on a situation that had previously been discussed ad nauseum, to no avail. In-depth studies have taken place and proposals for federal and state intervention have been presented, but there has so far been no concrete response, particularly at the political level.
A hacker attack that blocked a major oil pipeline
American consumers were left to deal with the fallout of a major oil pipeline interruption. Colonial Pipeline is an almost 9,000-kilometer (5,500 mile) pipeline that transports 3 million barrels of fuel per day, between refined gasoline and diesel, from Houston to New York. The pipeline is privately owned (the largest shareholder is family-controlled Koch Industries, with 28% of the capital) and it responded to the ransomware attack by shutting down the computer system, removing traces of the intrusion and rebooting the system. This was after paying DarkSide hackers a $5 million ransom on May 13, according to U.S. media reports.
With the highest refining capacity in the United States, the Gulf Coast area is responsible for up to 8.4 million of the 15 million barrels of crude oil refined each day, and the eastern United States relies heavily on it. The attack caused service interruptions on this highly important fuel transportation route and had immediate repercussions. Gas prices for cars and airplanes immediately went up, reaching 2014 levels. There were stock market rebounds for energy companies; delays and disruptions in the consumer product distribution system; and problems with water and electricity networks, affecting basic public services.
Us electric grid vulnerability
The Department of Energy (DOE) has kept a watchful eye on America’s electricity grid for years, since it has long been under threat of cyber-attacks, particularly in light of growing reliance on monitoring and control technologies. According to Digital Shadows, a London-based cybersecurity firm surveyed by the BBC, hacker intrusion on private industries has increased during the COVID-19 pandemic. Since the situation has forced IT departments to grant remote access to their technicians, corporate network protection systems have been weakened.
So far, the Department of Energy has focused its efforts on the risks facing grid generation and transmission systems. After the Colonial Pipeline attack, however, it became clear that the distribution system is the weakest link, in part because U.S. utilities are generally not subject to mandatory federal cybersecurity standards.
About ten days prior to the Colonial network intrusion, coinciding with other cyber-attacks on high tech company SolarWinds and the Microsoft Exchange server, Energy Secretary Jennifer M. Granholm announced a 100-day plan to strengthen security systems for the country’s electrical infrastructure. In a statement, Granholm said, “The United States faces a well-documented and increasing cyber threat from malicious actors seeking to disrupt the electricity that Americans rely on to power our homes and businesses. It’s up to both government and industry to prevent possible harms – that’s why we’re working together to take these decisive measures so Americans can rely on a resilient, secure, and clean energy system.”
The statement came on the heels of criticism of the Jobs Act, which takes aim at revitalizing American infrastructure, but has not outlined any expenditures toward protecting power grid security against hacking risks. At this point, these expenditures could be added in while the plan awaits approval by Congress.
Defending the country’s vital infrastructures
President Joe Biden himself has emphasised the need for closer collaboration between the public and private sectors to defend the country’s vital infrastructure.
“My administration,” he said on the day the pipeline was restarted, “is continuing to safeguard our critical infrastructure, the majority of which is privately owned and managed, like Colonial Pipeline. Private entities are in charge of their own cybersecurity, and we need — and we have to — we know — we know what they need. They need greater private-sector investment in cybersecurity. And that’s why we launched a new public-private initiative in April that is focusing on strengthening cybersecurity in the electric sector for natural gas, for pipelines, as well as water systems and other lifeline sectors.”
Provisions for plants’ anti-hacking security could, then, be made within the White House’s current framework for clean energy and the fight against climate change. Notably, a research report by the organization Americans for a Clean Energy Grid entitled “Transmission Projects Ready to Go: Plugging into America’s Untapped Renewable Resources” has been published on the White House’s website.
Progress on the 22 high-voltage transmission projects identified in the report would trigger $33 billion in investments and create approximately 600,000 new jobs, including 240,000 direct jobs plus 360,000 indirect and induced jobs. The use of wind and solar energy that this investment would enable could create an additional 640,000 jobs, bringing the total to about 1,240,000 jobs.
Investment needed to revitalise energy infrastructure
The American Society of Civil Engineers (ASCE) made the latest assessment of energy infrastructure in its 2021 report, assigning it a grade of “C-“. While this was an improvement from the D+ it earned four years ago, it’s still inadequate, particularly given the increase in annual spending on high-voltage transmission lines, which went from $15.6 billion in 2012 to $21.9 billion in 2017. The report also points to 54% growth in annual spending on distribution systems – the so-called “last mile” of the power grid – over the past two decades.
According to ASCE, utilities are now better equipped to strengthen the electric grid through resilience measures. Weather, however, remains a growing threat. In the 638 transmission outage occurrences reported between 2014 and 2018, severe weather was cited as the primary cause. This was in part because many of the nation’s 8,625 power plants were deliberately built near the coast for water access. As a result, when hurricanes strike, power plants then suffer significant damage from flooding.
“In the coming years,” the ASCE report states, “additional transmission and distribution infrastructure, smart planning, and improved reliability are needed to accommodate the changing energy landscape, as delivery becomes distributed and renewables grow.”
This increase is already underway, as renewable electricity generation increased from 18% in 2019 to 20% in 2020 and is expected to rise to 22% in 2021, continuing to expand its lead over coal (20.1%).
America’s electric backbone depends on an old, complex patchwork of power generation facilities, 600,000 miles (965,000 kilometres) of transmission lines (240,000 miles, or 386,000 kilometres, of which are high-voltage), and about 5.5 million miles (8.8 million kilometres) of local distribution lines operating within federal, state, and local regulatory jurisdictions. Most of the national grid is aging, with some components more than a century old, well beyond their 50-year “life expectancy”.
By contrast, U.S. energy production has exceeded annual energy consumption for the first time since 1957, and the grid is increasingly strained. Estimating the annual cost of power outages at up to $169 billion (€138 billion), the White House has included a $100 billion (€81 billion) investment in the national electricity system in the Jobs Act. According to analysis by ASCE engineers, this means there is an estimated infrastructure need of $208 billion (€170 billion) by 2029 to increase reliability and prevent blackouts and energy supply crises such as the one faced by Texas in February.