Everything In Life Is A Trade Off
The DOE Warns: New Energy Systems Can Expose You to Criminals
You see them everywhere; you’ll be seeing a lot more of them. Rooftop solar panels, most made in China, along with battery systems that store the energy they sometimes produce, will proliferate in the coming decade. And as they do, expect the proliferation of hacking: the exploitation of integrated systems that allows criminals access to steal information from you, or worse, to force you into paying a ransom to them as a condition to release your property to you.
So warns the Department of Energy in a report released just this month: Cybersecurity Considerations for Distributed Energy Resources on the U.S. Electric Grid.
The DOE lays it out plainly:
To address the impacts of climate change, the U.S. electric grid will be undergoing significant changes by integrating clean energy resources such as solar and wind. These efforts will be accelerated with the recent passage of the Infrastructure Investment and Jobs Act and the Inflation Reduction Act. Furthermore, electric customers will continue to adopt intelligent energy devices, including smart lighting and thermostats, which will be able to communicate with rooftop solar, electric vehicles, and more. These efforts will be critical for combating climate change….
It’s all there. The hysteria of climate change, the hundreds of billions in government subsidies (without which these “clean energy resources” would be floundering), the transition being speedily forced upon us, and your inevitable vulnerability because… “climate change.”
Just as new refrigerators can message the grocery store that you’re low on milk, so will your solar panels speak to the electric car parked in the garage. And with each of these automatic interactions, there’s potential vulnerability.
Is this all a bit “Tin Foily”? Are we at The BEC a bit paranoid? It can’t happen to you?
Hackers famously targeted New Orleans City Hall in 2019, and as more points of entry are installed in and around your home, this trend will only accelerate and expand, from large institutions like a city hall to more common, abundant and potentially easier targets: your electronic devices and appliances, your cars, and your rooftop solar panels.
The DOE continues:
The high deployment of solar energy and other distributed energy resources [DER] pose emerging cybersecurity challenges for the electric grid. DER already provide many automated features and their deployment is coupled with transitioning to a digitally interconnected power grid. Cyber attackers frequently evolve their techniques to attack information and operational technology systems.
Is the DOE saying that we used to be better protected when the power company produced and distributed energy? Yes, we all were…
Historically, utilities were the primary entity for securing the electric power grid. As DER connect to the grid, the emerging DER industry also will bear responsibility for securing the DER they manufacture, deploy, maintain, and operate. As many DER industry members have not been part of the historical partnerships and oversight that operated and maintained the power grid, electric power reliability, and security requirements, the responsibility needs to be established for this emerging industry. In addition to this grid transformation, the rapid evolution of ransomware threats, converging information technology and operations technology systems, increasing cloud-based communication and control systems, and expanding automation to remove a human operator-in-the-loop also create new cybersecurity challenges.
In other words, you’ll be only as safe as the systems producers and installers allow you to be. And you may be vulnerable because your neighbor is lax. The opportunities for criminals will only expand. Indeed, things will not be as they used to be… the entire system is being reworked, and to their credit, the DOE lays it out plainly, in very simple language:
A grid that is heavily diffused with DER will behave significantly different from a traditional grid. Traditional grids are primarily built to be supplied from the bulk transmission system, supplying power to consumers of electric power at the edge of the grid. This greatly simplifies the design of these grids as they essentially operated as one-way streets where the power only flows down from the larger system into the smaller distribution systems. However, DER now supply energy from the edge of the grid throughout the local distribution grid and even up into the transmission grid. This results in new two-way streets with the associated additional complexity from figurative stop signs, streetlights, and lane markers. This level of electrical bidirectionality requires new designs, controls, and protection schemes at the distribution level where they did not exist before.
We at The BEC are alarmed by these trends and feel the need to inform and warn the community. The Department of Energy has laid out the risk with absolute clarity:
In electric power control systems today, an implied trust relationship is common for the communications infrastructure. If industrial systems can talk to one another, they trust each other to provide accurate information and commands. Attackers who have inserted themselves into this trust relationship can poison these systems, causing them to act counter to reliability and resilience requirements. The sheer scale of DER deployment, the wide range of communications options, and the level of access required by various stakeholders will show implied trust does not scale in a resilient manner for DER. Compromises to an implied trust relationship are difficult to discern or reliably block.
Powerful, government-backed forces now target us, among them the rushed and reckless move to energy production systems like solar panels on your roof. These are not a “silver bullet” solution for problems that may ail us. They can bring risk and vulnerability.
Certainly, these systems on the whole - solar/wind/battery - are a breeding ground for the government+industry interdependence that spawns incompetence, opportunism, corruption, and outright criminality.
We also will note that nowhere in the DOE’s report is there any mention of nuclear energy as an excellent and safe option for energy production - a path toward “zero emissions,” a solution to “climate change.” This glaring omission disqualifies the government, as well as much of the energy industry and the green movement, from any consideration as being sincerely motivated or trustworthy.
These people very well may destroy the environment in their effort to “save the planet,” and in the process expose you and your home to the same destructive forces.
Don’t let them.
They’re not trying to “save the planet.” They’re trying to rid the planet of what they think is a plague - us. It’s not like they’re secretive about it either.