
Post on 27-Nov-2021


The Future Ain’t What it Used to Be (with apologies to Yogi Berra)

Cyber Security & Liability

George Adkins, Wortham Power Gen Insurance

Managing Director, Power Generation Practice Leader

ENERGY NORTHWEST PUBLIC POWER FORUM


THE FUTURE IS HERE - STUXNET

• STUXNET (2010)
  – Goal - Sabotage Iran’s Nuclear Program
  – Target Programmable Logic Controllers (PLCs)
  – Siemens Step7 Software on Computers Controlling a PLC
  – Worm File that Automatically Propagates
  – Reprogrammed PLC to Vary Speeds of Centrifuge
  – Included Tool that Indicated Proper Speed to Operators
  – Tied to Joint U.S./Israeli State Sponsorship


THE FUTURE IS HERE - PREN

• PREN Blackout – (DEC 2015)
• Western Ukraine Power Grid Cut Off
• “Spear-Phishing”
  – Employee Opened Infected E-Mail Attachment
• “Black Energy” Malware
  – Shutdown/Prevent Reboot
• Found on U.S. Utility Networks in 2014
  – No Known Disruptions
• Attack Link – Russia State-Sponsored


THE FUTURE IS HERE – Distributed Denial of Service

• Distributed Denial of Service (DDoS) Attack Shut Down DNS provider
• Overloading System With Requests Takes it offline
• Used Internet-Connected Devices (Internet of Things)
  – DVRs & Webcams
  – Botnets Allow Remote Take Over

• DDoS Attacks 125% increase since 2015

CNN Article Friday October 21, 2016 “Ordinary Devices Turned Into Weapons”


THE FUTURE IS HERE - RECAP

2010
• WORM affects Siemens Software Based PLC
• Reprogrammed to Vary Speeds of Rotating Machinery
• Hid Speed Variance from Control Room Operator

2015
• PREN Power Grid Shutdown Using “Black Energy” Malware
• Variation of Same Malware Found on U.S. Utilities in 2014

2016
• Hacker Uses Internet of Things (Not Traditional Computers)
• Overload/Shutdown Industry Middle Man Distributor
• Shutdown 3rd Party Access to Information Databases

• 2 of 3 Considered STATE SPONSORED


THE FUTURE IS HERE – POWER/UTILITY CORRELATION?

• Internet of Things
  – Smart Meters & Distributed Generation Connections
• Middleman
  – ISO/RTO’s?
• Rotating Machinery/PLC’s
  – Turbine Overspeed/Generator Sync?
  – Lube Oil/Cooling Water Pump Controls
• State Desired Damage to Critical Infrastructure
• Sun Tzu’s – “The Art of War”
• Stratagem – “Kill with a Borrowed Sword”
  – Use the Enemy’s Own Strength Against Him
  – No Longer Focusing Solely on Vulnerability


Verizon – Who is Being Breached 2015 Data Breach Investigations Report


BakerHostetler - What is Causing the Breaches 2016 Data Security Incident Response Report


Breach Preparation

• Preventative and Detective Security Capabilities

• Threat Information Gathering

• Personal Awareness and Training

• Proactive Security Assessments

• Assessing and Overseeing Vendors

• Developing, Updating and Practicing Incident Response Plans

• Understanding Current and Emerging Regulatory Hot Buttons

• Evaluating Cyber Risk

Does your organization have a data breach response plan in place in the event of a data breach?

Source: Advisen 2015 Survey On Current State of Trends and Information in Information Security and Cyber Liability Risk Management

Source: BakerHostetler 2016 Data Security Incident Response Report


Hometown Connections/APPA Cyber Security Resources

• No Cost Cyber Security Evaluation
  • Produces Follow-on Report (No Cost)
  • http://worthampowergen.com/cyber-risk-evaluation-tool.html

• Reduced Cost Cyber Threat Monitoring Service (N-Dimensions)
  • http://www.hometownconnections.com/engineering-operations/n-dimension-solutions/

• Cyber Insurance Financial Protection
  • http://worthampowergen.com/cyber-liability-application.html

• Insurance Includes Incident Response Services
  • Legal/Mitigation
  • Computer Forensic
  • Notification/Call Center
  • Fraud/Extortion Resolution
  • Public Relations/Crisis Management


Energy has never been cheaper than it is now

Spending on energy did not fall below 20% of GDP until the middle of the 1800’s - the beginning of the fossil fuel age

In the preindustrial era, food was fuel for power as well as for life

Courtesy of Carey King, UT Austin


What is the fastest growing energy source in the world?

Coal

[Figure: World, Global Consumption (TWh), 1965 to 2015; series labels: Wind, Solar, Geo and Biomass, Hydro, Nuclear, Gas]


Non-Fossil Fuels

[Figure: World, Global Non-Fossil Fuel Consumption (TWh), 1965 to 2015; series labels: Wind, Solar, Geo and Biomass, Hydro, Nuclear]


How Do We Achieve a Low-Carbon Future for Washington State?

• Electric vehicles are the most effective way in Washington State to address the petroleum fuel issue because the majority of electricity generated in WA State is from non-fossil fuel.

• Washington State is already the lowest carbon-emitting state - 78% hydro, 9% nuclear, 6% wind, 4% coal, 3% natural gas

• WA State emissions have decreased since 1990, because of lower emissions in the agriculture and the industrial sectors.

• Our only coal plant is closing in 2025 and will eliminate almost half of our emissions from power sources.

• Gasoline largest source

Easily – We Already Have

Electric Charging Stations

• CAR & any type of CAP/C-tax must be reconciled so as not to hurt WA State and not introduce ridiculous outcomes. Rules need to focus on encouraging e-vehicles. Hydro needs to be re-defined back as renewable and nuclear defined as low-C.


A fully-electric vehicle in Washington State gets the equivalent of over 100 miles/gallon

Electricity generation in WA State is over 90% non-fossil fuel because of hydro, nuclear and wind.

Electric vehicles in WA are green, equivalent to getting over 100 mpg.

Electric vehicles charged in Indiana are no greener than ordinary cars using gasoline and getting 30 mpg because over 90% of their electricity is generated from coal.

If Washington State replaces 80% of our cars with electric vehicles by 2040 we would cut CO2 emissions by 60%


Were Judith and Jim unethical for installing rooftop solar on their house?


Solar benefits more from State programs:

Conca/Wright 4 kW rooftop solar array installed March 2015

Federal - 30% tax credit ~ $6,000
WA State - 54¢/kWh buy back ~ $12,000/5 years

House has used 20,379 kWhs during the last 12 months
House bought 16,010 kWhs @7¢/kWh for $1,121 from the city

PV system has produced 4,589 kWhs of which House used 2,943 kWhs, avoiding $206

I received a check from WA State in July for $2,478
Net cost of electricity for House is -$1,357

Thank you, or please thank your parents, for paying for all my electricity and for the entire PV system plus paying me $1,357