Compromised Equipment, AI Leave US Electric Grid Susceptible to Chinese Cyberattack
China poses a growing threat to electric infrastructure due to increased capabilities, potentially compromised equipment and the rise of artificial intelligence, experts told Congress Tuesday.
A 2022 national intelligence report indicated that China intentionally targeted natural gas transmission and pipeline systems for disruption, said Paul Stockton, who was Assistant Secretary of Defense from 2009 to 2013. China is capable of launching cyberattacks that could disrupt infrastructure services within the U.S., including against oil and gas reserves, said former Assistant Secretary of Energy Bruce Walker (see: US Officials Urged to Examine Chinese Risk to Electric Grid).
“China again continues to demonstrate how patient they are and how stealthy they are as seen in recent attacks,” said Manny Cancel, CEO of the Electricity Information Sharing and Analysis Center and senior vice president of the North American Electric Reliability Corporation. “They’re actually quite adept at obfuscating what they’re trying to do.”
Stockton, Walker and Cancel testified alongside Idaho National Laboratory Technical Relationship Manager Sam Chanoski at a House of Representatives energy and commerce subcommittee hearing focused on emerging threats to the United States’ electric energy infrastructure. Cancel said China has really stepped up its game when it comes to looking for vulnerabilities on the electric energy networks.
Use of Chinese Components Poses Risk to Utility Operators
One significant risk to the electric grid is continued reliance on commercially available communications equipment made by Chinese manufacturers ZTE and Huawei. Despite Congress ultimately authorizing $5.6 billion to remove ZTE and Huawei equipment from critical infrastructure systems, only $41 million has been spent to date, meaning electric utilities are still using many pieces of compromised equipment.
Outside of communications equipment, Stockton said China is also an important producer of inverters that have been deployed across the U.S. Similarly, Cancel said federal procurement laws force electric utility operators to buy “grossly underpriced” Chinese large power transformers since the U.S. government has failed to invest in programs that would make American transformer production economically viable.
“When looking at the supply chain, it’s not just the availability of critical products, but also the risk that China will exploit these products in order to conduct attacks on the grid,” Cancel said.
Artificial Intelligence Poised to Alter Attack, Defense Calculus
Stockton expects artificial intelligence to be a critical enabler of Chinese planning and execution of cyberattacks against critical infrastructure systems. He said the U.S. electric grid is already highly automated for speed purposes, but urged lawmakers to examine how AI can boost critical infrastructure defense and ensure operators aren’t using commercially available AI that’s susceptible to compromise.
“What’s it going to take on our side to strengthen our automated defenses when these attacks are coming at us at greater speed and scale because humans are not directly involved?” Stockton asked.
Cancel said E-ISAC works closely with both the Energy Department and the intelligence community to understand the true nature of Chinese cyber threats and get information out to members about both the risk and the mitigation steps. The mitigation instructions must be clear, concise and feasible for all utility operators regardless of their size, according to Cancel.
Stockton, meanwhile, called for greater collaboration between the electric and the oil and gas sub-sectors to develop critical infrastructure that’s more resistant to and resilient in the face of cyberattack. In the long run, Cancel said U.S. critical infrastructure operators must worry not only about China but also Russia, which successfully shut down the power grid during 2015 and 2016 cyberattacks in Ukraine.
“The grid faces increasingly severe threats stemming in part from the growing capabilities of China and other potential adversaries,” Stockton said. “How can we tailor our strategies to counter the objectives that China and other potential adversaries are likely to try to achieve?”