Unplugging Cities: The Fragile Nature of Power Substations

Photo by Terry Vlisidis on Unsplash

In the intricate weave of our modern lives, there's a constant humming in the background, one that we've almost become imperceptibly accustomed to – the power that drives our everyday existence. But what if this power, this essential driving force, were to be cut off abruptly? Central to our power grids are substations, and it may come as a shock to many how fragile these pivotal components truly are.

Understanding Substations

Image from energyeducation.ca

Before delving into the vulnerabilities, it's essential to understand what a substation is. In the simplest terms, a substation is a part of an electrical generation, transmission, and distribution system. They transform voltage from high to low or vice versa, making the power usable for homes and businesses.

In essence, power drops off with distance, which is why you cannot have a power station in Moscow, powering the lights in London, there simply wouldn’t be any juice coming out with such distances. A solution to this issue, is to pump out very high voltages from the power station, then lower it to more usable and safe voltage at a substation.

As a backup, most countries have what are effectively substations on the back of flat bed trucks, or mobile substations. In the event that a substation is disabled, either due to attack, natural disaster or equipment failure, these can be deployed anywhere quickly to resolve the downed station.

With all of that said, lets look at the issues with substations.

The Vulnerability of Substations

1. Physical Attacks: Over the past few years, there have been instances across the world where substations have come under physical attacks. Such attacks can involve the use of firearms to damage essential equipment, setting fire to components, or even the use of explosives. Even without intricate knowledge, malicious actors can inflict significant damage, leading to substantial power outages.

2. Cyber-Physical Threats: With increasing connectivity and the rise of smart grids, cyber-physical threats are becoming more prevalent. An attacker, with the right expertise, can remotely compromise systems to either shut down or damage a substation. While this is a possibility, a physical attack is so much simpler and has an almost guaranteed success that locality is the only rational for attackers going this route.

3. Natural Calamities: Beyond deliberate attacks, natural disasters such as earthquakes, floods, or even lightning can severely affect substations. While some damages from these events are recoverable, a significant catastrophe might render a substation entirely inoperative.

Downing Power to Fort Bragg

Image from armytimes.com

Around December of 2022, several individuals decided it would be a good idea to fire rifles into two critical substations outside Fort Bragg NC, and the surrounding locality. In so doing, these people disabled power for thousands of residences and much of the base for several days until emergency services were able to get a mobile substation online and restore power.

I won’t go into detail here as to how this attack was exactly carried out, but it is true that several individuals were able, for a time, to remove power to a large portion of cities and military installations with only a few rifles, rounds and knowledge.

That said, had the USA not had access to an emergency substation, these people may still be waiting for the lights to come back on.

You can read more about the Fort Bragg event here

Because of attacks like this, the emergency mobile substation market has continued to rise, and isn’t likely to change this trend in the foreseeable future.

You may ask how often does this type of thing occur? In the USA in 2022, there were over 100 such attacks, which means that roughly every 3 days, someone is attempting to disrupt or outright destroy the power supply to an area.

I would like to add, that due to the rural and dispersed nature of substations, it can be extremely difficult to catch those individuals who shot and destroyed the substation components.

The Aftermath of a Compromised Substation

Image from mobileenergyinc.com

If a primary substation is damaged or destroyed, the immediate implication is a power outage. But the real challenge lies in the restoration of power. Here's why:

1. Lack of Mobile Substations: Most countries, unfortunately, have a scarce supply of emergency mobile substations. These units can temporarily replace a compromised substation while repairs or rebuilding efforts are underway. Without these on standby, areas dependent on the affected substation are left in the dark.

2. Time to Build a New Substation: Constructing a new substation isn't a matter of days or weeks; it typically takes around two years. This duration includes planning, procurement of materials, actual construction, and thorough testing. It's not hard to imagine the devastating impact of an entire city being without power for such an extended period.

Why Aren't Substations Kept in Reserve?

One might wonder, given the vulnerabilities and the essential role of substations, why aren't there backup substations ready and waiting? The answer isn't simple, but it primarily hinges on costs, space, and the unique nature of each substation.

1. Economic Considerations: Building and maintaining a fully functional backup substation requires a considerable financial outlay. Each substation can cost millions of dollars, and that's before considering maintenance costs. With tight budgets and competing needs, utility companies often prioritize immediate requirements over potential future contingencies.

2. Space Constraints: Substations require a considerable amount of space. Urban areas, where substations are frequently needed due to high power demand, often have limited available land. Keeping a substation in reserve would mean dedicating a significant plot of potentially prime land without deriving immediate benefit from it.

3. Unique Infrastructure Requirements: Each substation is often tailored to the specific needs of its location, including the power load it handles, the type of equipment used, and the nature of the surrounding grid. This customization means that a one-size-fits-all backup is rarely feasible.

4. Time-Consuming Construction and Testing: As previously mentioned, constructing a substation isn't a quick process. It can take up to two years to build, test, and commission one. This duration doesn't only stem from the construction itself but also from intricate planning, bespoke design, and rigorous testing to ensure that the substation can handle the area's specific needs.

The Big Picture

Every modern city requires power, and a constant flow of it to function. Substations represent a vital component of the power supply chain, and yet

• have next to no real physical security

• Are located in rural areas that are largely unsupervised

• Are not guarded

• Are a vital component of the electrical supply line

A physical attack with a rifle for example, is an unsophisticated attack, at very low cost but has the potential to devistate entire cities power supply.

In this blog I am obviously not explaining exactly how to carry out these attacks, but realize just how fragile these systems really are, and just how much we all rely on them functioning at all times.

The Way Forward

Given the importance of substations and the potential repercussions of their failure, there's an urgent need to enhance their resilience. Some measures include:

1. Security Enhancements: This involves both physical barriers such as fencing, surveillance cameras, and guards, as well as cybersecurity measures for connected systems.

2. Investment in Mobile Substations: Governments and power companies must recognize the importance of having mobile substations ready to be deployed. These units can be a crucial stop-gap while more permanent solutions are sought.

3. Public Awareness and Vigilance: The public should be educated about the importance of these infrastructures. Often, local residents can act as the first line of defense by reporting suspicious activities.

In conclusion, while our world races towards increasing digitalization and connectivity, we must not forget the foundations upon which this digital world stands. It's imperative to protect and bolster our physical infrastructures, particularly those as critical as power substations.

Training Resources:

For individuals looking for a hands on training that includes all of the above topics, Covert Access Team (covertaccessteam.com) provides training courses focused on physical penetration testing, lockpicking, bypassing techniques, social engineering and other essential skills.

• Covert Access Training - 5 day hands on course designed to train individuals and groups to become Covert Entry Specialists

• Elicitation Toolbox Course - 2 day course of that primarily focuses on elicitation and social engineering as critical aspects of Black Teaming

• Cyber Bootcamp for Black Teams - 2 day course designed explicitly for physical penetration testers who need vital cyber skills to add to their toolbox.