Last April, just after 12am on a still spring night in a remote location in San Jose, California, an unknown person slipped into an underground vault and cut telephone cables, hindering emergency services calls.
Shortly after, snipers succeeded in disabling 17 giant transformers at the nearby PG&E Metcalf substation which provides power to the Silicon Valley. By shooting the cooling fins the attackers caused 52,000 gallons of oil to leak out, shutting down the transformers. As the systems started failing a power plant operator managed to contact emergency services just after 1.30 am. By the time police arrived the snipers had fled into the night. In all, it is estimated the attack took less than one hour.
Despite this coordinated and highly sophisticated attack on the region's power supply, residents in the Silicon Valley were none the wiser. Power was successfully rerouted around the site and production was ramped up at other nearby power plants. The attack could, however, have caused mass outages across large portions of the California Bay area.
The American public remained largely unaware of the event until January 2014 when Jon Wellinghoff, chairman of the Federal Energy Regulatory Commission (FERC) at the time, spoke publicly about the attack, calling it "the most significant incident of domestic terrorism involving the grid that has ever occurred."
America has been wholly focused on mitigating cyber terrorism on the grid, but last year's attack has highlighted the physical weakness in the country's electricity infrastructure and, in turn, weaknesses that likely exist in the UK and other Western nations' energy infrastructures as well.
Since Wellinghoff has come out to speak about the event, debate has raged over what could or should be done to protect this vital infrastructure and whose responsibility it is to do so. But, as many others are asking, after so many years without a serious co-ordinated attack, is the situation really as critical as Wellinghoff claims?
How real is the threat of terrorism on power stations?
Dr Arunas Molis, the centre's head of strategic analysis and research, gives us the lowdown on Nato's ongoing work tackling energy security.
After the Metcalf attack it is impossible to say a threat doesn't exist and in a post-9/11 America the threat is definitely discernible. Measuring the urgency and potential impact of that threat, however, is more difficult.
Most attacks on energy infrastructure in the US involve disgruntled farmers vandalising transmission lines they object to, or bored hunters taking pot-shots. But, considering most substation are, according to Wellinghoff, protected only by CCTV, internal lights and a chain-link fence, as was the Metcalf substation, the potential is there to take out several of the approximately 150,00 substations in the US at once creating widespread outages that could have an huge economic toll and potentially lead to chaos.
Terrorist attacks on energy infrastructure are more common than many might think. According to a report by the Electric Power Research Institute (EPRI), which conducts research on issues related to the electric power industry in the US, from 1996 - 2006 there were approximately 2500 attacks from terrorist groups against transmission lines and towers in various parts of the world and 500 attacks on substations.
Janine Davidson, senior fellow for defence policy at the Council of Foreign Relations, says to cause significant power outages via an attack would take much skill and knowledge and therefore not be that easy, adding: "The bar for a seriously disruptive physical attack is high given the number of people that would need to be involved and the coordination and synchronisation required to carry out simultaneous attacks across multiple sites."
It's clear the Metcalf attackers, which at the time of writing have not been caught, obviously had detailed knowledge of the site and what they needed to shoot in order to disable the transformers. But, for whatever reason, they still missed three transformers enabling the power to remain temporarily on.
However, as Wellinghoff pointed out in a PBS Newshour interview, power may have been unaffected because it was the middle of the night in spring and demand was low. "If the attack had taken place...in the middle of summer in a very high-power usage time, there might have been a different result," he warned.
Davidson says she doesn't want to 'downplay' the potential for attacks but adds that "no public system can be 100% perfectly secure" and that "we need to keep things in perspective."
EPRI fellow Clark Gellings agrees with Davidson, saying: "It speaks to this question: do we really need to worry if there is a co-ordinated attack? Sure, we are concerned about it, but it wouldn't necessarily cause quite the panic people think it would. The power system is really rather resilient."
Mitigating attacks and planning co-ordinated responses
It may be difficult to judge the level of the threat but it seems most are in agreement that the security around energy infrastructure needs to improve.
Wellinghoff has suggested simple measures such as making fences around substations opaque, increasing camera security and putting concrete barriers in front of transformers.
In its December 2013 report 'Assessing and enhancing the security of transmission grids from intentional physical attack' EPRI recommends vulnerability assessments, remote monitoring and further research and development into "opportunities to address physical security." Some potential measures include self-healing tanks and radiators, which have been used on military aircraft and race cars for years, and blast and ballistic mitigation solutions for critical power transformers currently in development at the University of Kentucky.
Gellings say EPRI is working on creating 'vests' for the transformers "that would surround the transformer and really insulate it from projectiles, such as a bullet."
In the context of nuclear power, the term ‘black start’ at first conjures up images of sinister government secrecy and doomsday scenarios. The reality is far less dramatic, but no less intriguing.
In regards to attack response Gellings says since 9/11 the focus has been on what would happen if a piece of critical infrastructure was attacked and how quickly a replacement could be found. He says the industry has put together a programme creating an inventory of the biggest, most vital pieces of equipment, such as circuit breakers and transformers, so that in the event of a critical incident a replacement piece of equipment can be found. According to Gelling the Department of Homeland Security and EPRI have developed what they call a spare transformer purposefully designed to be easily transported.
Is decentralisation the answer?
Mike Jacobs, a leading member of the Union of Concerned Scientists, who works on electricity markets and regulatory reform, believes the real key to mitigating wide-spread electricity outage - due to criminal attacks or otherwise - is to decentralise the grid.
"I think ultimately the answer comes from flexibility and power supplies that are much more decentralised," he says. "Rather than the reaction being 'we need more security', I would hope, instead, we use that kind of vulnerability as one of the criteria for making future decisions."
Gellings says the US is seeing increased local generation, with 400,000 homes generating their own electricity. "As the years go on we are going to be able to operate the power systems in a truly integrated way and minimise the impact we have on any one piece of equipment," he says.
However, he adds that he isn't advocating decentralisation of the grid, and instead supports the idea of adding more decentralised resources but keeping them integrated because "true resilience comes from the combination of the two".
EPRI insist the utility industry is making progress but Wellinghoff, while recognising some of this progress, said in his PBS Newshour interview that any changes "are not extensive enough."
Whose responsibility is it anyway?
This brings the debate to another issue that has proven rather contentious - who is responsible for providing 360-degree protection of the grid and should it be voluntary or mandated?
Wellinghoff said in the PBS interview: "We need an agency and an administration to be given the authority...over these grid stations."
This is a view backed by four lawmakers who wrote a letter to FERC and the North American Electric Reliability Corporation asking them to utilise their authority gained in a 2005 law to "determine whether additional minimum standards regarding physical security at critical substations and other essential facilities are needed to assure the reliable operation of the bulk power system", suggesting the current voluntary approach isn't enough.
However, FERC declined to do so, stating that a "rule-based approach for physical security would not provide the flexibility needed to deal with the widely varying risk profiles and circumstances." Many industry insiders agree with FERC's decision.
According to the Wall Street Journal a spokesman for Department of Homeland Security said it is up to utilities to protect the grid and the department's role in an emergency is to connect federal agencies and local police and facilitate information sharing.
But while utilities are expected to invest in technologies to reduce outages, which they do for other threats, such as severe weather, Jacobs says: "It isn't up to the utility companies to protect against criminal attacks beyond having a lock on their door. Whose responsibility is it? I don't think we have really had that discussion," he adds.
Davidson, who says she doesn't believe in the need for a separate agency, says it is the utilities' responsibility to design 'resilient systems' but the government has a right to set standards, given that taxpayers will bear the cost of a cleanup and other economic impacts due to attack-related disruptions and that the government 'must remain engaged'.
Whether one believes progress to beef-up the physical security of the US's power infrastructure is slow or adequate, or whether it should be monitored more closely by federal government or not, one thing that is surely universally agreed on is that the issue of physical security of the grid has been placed well and truly on the agenda right alongside cyber security. And fortunately the wake-up call came from an unsuccessful attack that served to show just how resilient the system is while also highlighting its flaws.