Electrical disruptions caused by squirrels

Last updated

Squirrel running along utility line Squirrel on utility line.jpg
Squirrel running along utility line
A squirrel can disrupt a power system if its body becomes a current path between electrical lines such as those seen here. 20 kV switch and tap.jpg
A squirrel can disrupt a power system if its body becomes a current path between electrical lines such as those seen here.

Electrical disruptions caused by squirrels are common and widespread, and can involve the disruption of power grids. It has been hypothesized that the threat to the internet, infrastructure and services posed by squirrels may exceed that posed by cyber-attacks. [1] Although many commentators have highlighted humorous aspects of the concern, squirrels have proven consistently able to cripple power grids in many countries, [2] and the danger posed to the electrical grid from squirrels is ongoing and significant. [3] [4] This has led to tabulations and maps compiled of the relevant data. [5]

Contents

Scope

Electrical disruptions caused by squirrels are common and widespread. Between Memorial Day (May 27, 2013) and August 31, 2013, at least 50 power outages caused by squirrels (POCBS) were recorded in 24 U.S. states. [6] Cities affected by POCBS included Mason City, Iowa and Portland, Oregon. [7] Most media coverage of such events has compared the number of electrical grid shutdowns due to squirrels and those due to terrorists. Commentators often embellish and parody descriptions of the squirrels responsible for interrupting electrical service with allusions to military action or concerns, for example: "Squirrels mobilize, plot acts of cyber terrorism against humankind—And they're not acting alone." [8] or "Squirrelus interruptus: 5 things shut down by squirrels—How can a squirrel bring a nuclear weapons site to its knees?" [7] Electrical grids are not the only types of infrastructure at risk from squirrels, but nuclear weapons sites have also been described as targets of squirrel attention. Ground squirrels have interfered with underground nuclear missile sites at Malmstrom Air Force Base in Montana. The squirrels are able to tunnel under fences, bypassing motion detectors. Like their arboreal relatives, they can damage electrical cables by biting them. In addition, those that do take above-ground routes onto the base trigger thousands of false alarms each year. [7]

Prevention

Squirrels damage electrical distribution facilities by tunneling, by chewing through electrical insulation, or by simultaneously coming into contact with two conductors at different electrical potentials. [9] [10] Typically the animal is killed by the passage of current through its body. [11] Prevention is complicated by the ability of squirrels to bypass plastic animal guards, gnaw through insulation and squeeze through small openings into substations. [12]

Metrics

Squirrel-caused grid disruption in the U.S. is monitored by the American Public Power Association (APPA). [12] The APPA has developed a data tracker called "The Squirrel Index" (TSqI) to analyze the pattern and timing of "squirrel attacks" on electrical power systems. The TSqI is a metric that quantifies the rate per 1,000 customers over a period of time, and indicates two peak periods of highest "squirrel activity" or "squirrel peaking months" (SqPMS) in the year, in May–June and October–November, when disruption is greatest. [13]

This is the rate per 1000 electrical customers and squirrel related outages TSqI.png
This is the rate per 1000 electrical customers and squirrel related outages

Analytics

According to a survey made by one security expert, the real threat to critical infrastructure located around the globe is from the squirrels. It has been discovered that squirrels are causing more damage to critical infrastructure than cyber wars launched by enemy states or organizations. [14]

Intentional damage by human terrorists is often the first concern in assessing threats to the U.S. power supply; some cybersecurity experts believe a country's infrastructure, such as its power grid, is a likely terrorist target. But according to the security researcher Cris Thomas, also known by the pseudonym Space Rogue, "We've had power outages caused by squirrels in all 50 states ... [including] Hawaii, where they don't even have squirrels, but they do have chickens." [15] [16]

Specific cases

In 1987 a 90-minute loss of power to Nasdaq's automated trading computer, caused by a squirrel, affected twenty million trades. [9] [17] [18] Nasdaq was shut down for about 30 minutes again in 2014 by a squirrel-induced power outage. [19] [20] [21] Other commentators have noted that actual cyber attacks by human terrorists are much rarer than disruption caused by squirrels. [14]

John C. Inglis, the former deputy director of the U.S. National Security Agency, said in 2015 that he judged the electrical grid was as likely to be paralyzed by a natural disaster as by a cyberattack and added: "[F]rankly, the No. 1 threat experienced to date by the U.S. electrical grid is squirrels." [22] [23]

Similar concerns exist in Germany, where in 2005, a "cyber squirrel" crippled the entire electrical grid south of the River Elster for an hour. This squirrel was described as "a furry suicide bomber" ("pelzige[r] Selbstmordattentäter"). [24]

Squirrels have been the cause of many power outages in Pennsylvania. [n 1] Cris Thomas has said that as of January 2017 in the United States there have been six deaths associated with squirrel interference with infrastructure, such as downed power lines (and two with other animals). [18]

One commentator criticized the UK press for what he saw as an emphasis on "the ethnic struggle between Britain's populations of red and grey squirrels, and the latter's demonization (as immigrants and terrorists) and threatened eradication". [43] In at least one circumstance, a physical attack by a squirrel has been characterized as a "terrorist squirrel." [44]

See also

Notes

Related Research Articles

<span class="mw-page-title-main">Computer security</span> Protection of computer systems from information disclosure, theft or damage

Computer security is the protection of computer software, systems and networks from threats that may result in unauthorized information disclosure, theft of hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Emerging alongside the development of information technology, cyberterrorism involves acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, and programming scripts can all be forms of internet terrorism. Some authors opt for a very narrow definition of cyberterrorism, relating to deployment by known terrorist organizations of disruption attacks against information systems for the primary purpose of creating alarm, panic, or physical disruption. Other authors prefer a broader definition, which includes cybercrime. Participating in a cyberattack affects the terror threat perception, even if it isn't done with a violent approach. By some definitions, it might be difficult to distinguish which instances of online activities are cyberterrorism or cybercrime.

<span class="mw-page-title-main">Cyberwarfare</span> Use of digital attacks against a state

Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.

The Information Trust Institute (ITI) was founded in 2004 as an interdisciplinary unit designed to approach information security research from a systems perspective. It examines information security by looking at what makes machines, applications, and users trustworthy. Its mission is to create computer systems, software, and networks that society can depend on to be trustworthy, meaning secure, dependable, correct, safe, private, and survivable.

Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."

<span class="mw-page-title-main">United States Cyber Command</span> Unified combatant command of the United States Armed Forces responsible for cyber operations

United States Cyber Command (USCYBERCOM) is one of the eleven unified combatant commands of the United States Department of Defense (DoD). It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integrates and bolsters DoD's cyber expertise which focus on securing cyberspace.

Cyberwarfare is the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. As a major developed economy, the United States is highly dependent on the Internet and therefore greatly exposed to cyber attacks. At the same time, the United States has substantial capabilities in both defense and power projection thanks to comparatively advanced technology and a large military budget. Cyber warfare presents a growing threat to physical systems and infrastructures that are linked to the internet. Malicious hacking from domestic or foreign enemies remains a constant threat to the United States. In response to these growing threats, the United States has developed significant cyber capabilities.

Jeffrey Carr is a cybersecurity author, researcher, entrepreneur and consultant, who focuses on cyber warfare.

CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services.

A threat actor, bad actor or malicious actor is either a person or a group of people that take part in an action that is intended to cause harm to the cyber realm including: computers, devices, systems, or networks. The term is typically used to describe individuals or groups that perform malicious acts against a person or an organization of any type or size. Threat actors engage in cyber related offenses to exploit open vulnerabilities and disrupt operations. Threat actors have different educational backgrounds, skills, and resources. The frequency and classification of cyber attacks changes rapidly. The background of threat actors helps dictate who they target, how they attack, and what information they seek. There are a number of threat actors including: cyber criminals, nation-state actors, ideologues, thrill seekers/trolls, insiders, and competitors. These threat actors all have distinct motivations, techniques, targets, and uses of stolen data. See Advanced persistent threats for a list of identified threat actors.

On December 23, 2015, the power grid in two western oblasts of Ukraine was hacked, which resulted in power outages for roughly 230,000 consumers in Ukraine for 1-6 hours. The attack took place during the ongoing Russo-Ukrainian War (2014-present) and is attributed to a Russian advanced persistent threat group known as "Sandworm". It is the first publicly acknowledged successful cyberattack on a power grid.

Industroyer is a malware framework considered to have been used in the cyberattack on Ukraine’s power grid on December 17, 2016. The attack cut a fifth of Kyiv, the capital, off power for one hour and is considered to have been a large-scale test. The Kyiv incident was the second cyberattack on Ukraine's power grid in two years. The first attack occurred on December 23, 2015. Industroyer is the first ever known malware specifically designed to attack electrical grids. At the same time, it is the fourth malware publicly revealed to target industrial control systems, after Stuxnet, Havex, and BlackEnergy.

<span class="mw-page-title-main">Cris Thomas</span> American cybersecurity researcher and hacker

Cris Thomas is an American cybersecurity researcher, white hat hacker, and award winning best selling author. A founding member and researcher at the high-profile hacker security think tank L0pht Heavy Industries, Thomas was one of seven L0pht members who testified before the U.S. Senate Committee on Governmental Affairs (1998) on the topic of government and homeland computer security, specifically warning of internet vulnerabilities and claiming that the group could "take down the internet within 30 minutes".

<span class="mw-page-title-main">Sandworm (hacker group)</span> Russian hacker group

Sandworm is an advanced persistent threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include Telebots, Voodoo Bear, IRIDIUM, Seashell Blizzard, and Iron Viking.

<span class="mw-page-title-main">IT Army of Ukraine</span> Ukrainian cyberwarfare volunteer group

The IT Army of Ukraine is a volunteer cyberwarfare organisation created at the end of February 2022 to fight against digital intrusion of Ukrainian information and cyberspace after the beginning of the Russian invasion of Ukraine on February 24, 2022. The group also conducts offensive cyberwarfare operations, and Chief of Head of State Special Communications Service of Ukraine Victor Zhora said its enlisted hackers would only attack military targets.

A cyberattack happened in the Ukrainian capital Kyiv just before midnight on 17 December 2016, and lasted for just over an hour. The national electricity transmission operator Ukrenergo said that the attack had cut one fifth of the city's power consumption at that time of night.

<span class="mw-page-title-main">Moore County substation attack</span> Attack on power substations in Moore County, North Carolina

On 3 December 2022, a shooting attack was carried out on two electrical distribution substations located in Moore County, North Carolina, United States. Damage from the attack left up to 40,000 residential and business customers without electrical power. Initial estimates were that up to four days could be required to fully restore power in the area. A state of emergency and corresponding curfew were enacted by local government officials in the wake of the incident.

Electrical grid security in the United States involves the physical and cybersecurity of the United States electrical grid. The smart grid allows energy customers and energy providers to more efficiently manage and generate electricity. Similar to other new technologies, the smart grid also introduces new security concerns.

In Q2 of 2013, Akamai Technologies reported that Indonesia topped China with a portion 38 percent of cyber attacks, an increase from the 21 percent portion in the previous quarter. China was at 33 percent and the US at 6.9 percent. 79 percent of attacks came from the Asia Pacific region. Indonesia dominated the attacking to ports 80 and 443 by about 90 percent.

Once a cyberattack has been initiated, certain targets need to be attacked to cripple the opponent. Certain infrastructures as targets have been highlighted as critical infrastructures in times of conflict that can severely cripple a nation. Control systems, energy resources, finance, telecommunications, transportation, and water facilities are seen as critical infrastructure targets during conflict. A new report on the industrial cybersecurity problems, produced by the British Columbia Institute of Technology, and the PA Consulting Group, using data from as far back as 1981, reportedly has found a 10-fold increase in the number of successful cyber attacks on infrastructure Supervisory Control and Data Acquisition (SCADA) systems since 2000. Cyberattacks that have an adverse physical effect are known as cyber-physical attacks.

References

  1. Goud, Naveen (January 18, 2017). "Squirrels cause more financial damage to critical Infrastructure than Cyber Attacks". Cybersecurity Insiders. Retrieved July 23, 2019.
  2. Cunningham, Meredith (January 11, 2015). "The most dangerous cyberterrorists are squirrels". Komando.com. Archived from the original on September 5, 2018. Retrieved June 8, 2017.
  3. "The Threat to America's Electrical Grid Is Much Bigger Than You Can Possibly Imagine". The Foreign Policy Group. Retrieved June 8, 2017.
  4. Weideman, Reeves; Johnson, R. Kikuo, Illustrator (June 6, 2016). "Envisioning the Hack That Could Take Down New York City". New York . Retrieved June 8, 2017.{{cite news}}: CS1 maint: multiple names: authors list (link)
  5. Atherton, Kelsey D. (January 8, 2016). "Map Shows Squirrel Winning Cyber War" . Retrieved June 8, 2017.
  6. Mooallem, Jon (September 1, 2013). "Squirrel Power!". NYT.com. Retrieved August 24, 2020.
  7. 1 2 3 Hickman, Matt (October 24, 2013). "Squirrelus interruptus: 5 things shut down by squirrels—How can a squirrel bring a nuclear weapons site to its knees". Mother Nature Network . Retrieved June 8, 2017.
  8. Hickman, Matt (January 11, 2016). "Squirrels mobilize, plot acts of cyber terrorism against humankind" . Retrieved June 8, 2017.
  9. 1 2 Peterson, Andrea. "Are squirrels a bigger threat to the power grid than hackers?". The Washington Post . Retrieved June 8, 2017.
  10. dridrive (January 15, 2016). "Squirrels or Hackers: Who's the Bigger Threat to Power Grid?". drinews.org. Archived from the original on March 27, 2018. Retrieved June 8, 2017.
  11. Mooallemaug, Jon (August 31, 2013). "Squirrel Power!". The New York Times . Retrieved June 8, 2017.
  12. 1 2 Shaver, Katherine (December 25, 2015). "The bushy-tailed, nut-loving menace coming after America's power grid". The Washington Post. Retrieved June 8, 2017.
  13. Hofmann, Alex (January 21, 2016). "Power outages and the squirrel connection". American Public Power Association Official Association Blog. Archived from the original on September 3, 2017. Retrieved June 8, 2017.
  14. 1 2 Goud, Naveen (January 18, 2017). "Squirrels cause more financial damage to critical Infrastructure than Cyber Attacks - Cybersecurity Insiders" . Retrieved June 8, 2017.
  15. Wagenseil, Paul (January 14, 2017). "Worried About Cyberwar? Worry About Squirrels Instead Worried About Cyberwar? Worry About Squirrels Instead". Tom's Guide. Retrieved June 8, 2017.
  16. "L'écureuil: le pire ennemi en matière de cybersécurité" (in French). Québec Science. Archived from the original on July 14, 2017. Retrieved June 8, 2017.
  17. Wootson Jr., Cleve R.; Johnson, R. Kikuo. "Most cybersecurity experts are worried about Russian hackers. One says: Look, a squirrel!". The Washington Post. Retrieved June 8, 2017.
  18. 1 2 "Squirrel 'threat' to critical infrastructure". BBC. January 17, 2017. Retrieved June 8, 2017.
  19. From the "flash crash" to the Nasdaq outage: technical problems that hit stocks and exchanges, Fox News, July 8, 2015
  20. Jon Mooallem (August 31, 2013), "Squirrel Power!", The New York Times
  21. Mathew J. Schwartz (August 23, 2013), "Nasdaq Outage Explored: 7 Facts – Security experts dismiss reports that DDoS attack compromised systems in New York City and crashed Nasdaq exchange. But squirrels have not been ruled out.", Network Computing, archived from the original on January 13, 2019, retrieved July 21, 2017
  22. Blue, Violet (March 18, 2016). "America accuses Iran of hacking the dam, cyber-squirrels rejoice". Engadget. Retrieved June 8, 2017. While America is worrying about nation states, our infrastructure is being terrorized by rodents
  23. Armerding, Taylor. "How much at risk is the U.S.'s critical infrastructure?". Archived from the original on July 24, 2017. Retrieved June 8, 2017.
  24. "Eichhörnchen vs. the Internet". Wired.de. January 13, 2016. Retrieved June 8, 2017.
  25. Polacek, Karl. "Squirrel causes power outage on South Side Connellsville". TribLIVE.com. Tribune-Review. Retrieved June 7, 2017.
  26. Croyle, David. "Kittanning Paper - Electrocuted Squirrel Causes Power Outage". Archived from the original on August 21, 2017. Retrieved June 7, 2017.
  27. "Squirrel blamed for outage near Mills mall". TribLIVE.com. Retrieved June 7, 2017.
  28. "Squirrel causes brief power outage at CCAC south campus". TribLIVE.com. Tribune-Review . Retrieved June 7, 2017.
  29. Rittmeyer, Brian C. (May 17, 2017). "Springdale-area power problems likely caused by loose wire, dead squirrel". TribLIVE.com. Tribune-Review. Retrieved June 7, 2017.
  30. "Critters blamed for power outages". July 6, 2016. Retrieved June 7, 2017.
  31. "Squirrel to blame for Smethport power outage". The Bradford Era . May 20, 2014. Retrieved June 7, 2017.
  32. Martin Garrett, Michael (June 15, 2014). "State College, PA - Power Restored After College Heights Outage -". www.statecollege.com. Archived from the original on August 21, 2017. Retrieved June 7, 2017.
  33. Kemeny, Matthew (September 17, 2012). "Update: Squirrel is the culprit after all in Cumberland County power outage". The Patriot-News . Retrieved June 7, 2017.
  34. Mattera, Julianne (May 18, 2013). "Squirrel caused power outage for about 1,000 customers in New Cumberland, says PPL spokesman". The Patriot-News. Retrieved June 7, 2017.
  35. Waltz, Varerie (June 17, 2013). "Squirrel causes power outage in Middletown". Fox 43 . Retrieved June 7, 2017.
  36. Robinson, Ryan (May 19, 2015). "Squirrel on wire cuts power to 2,471 in Columbia area" . Retrieved June 7, 2017.
  37. Robinson, Ryan (March 12, 2014). "Squirrel on line knocks out power to over 1,500 people in city". LNP . Retrieved June 7, 2017.
  38. "Power outage affected over 4,000 customers". www.muncyluminary.com. The Luminary. June 3, 2015. Retrieved June 7, 2017.
  39. "Squirrel causes blackout to 360 homes - Times News Online". www.tnonline.com. Times News. October 29, 2012. Archived from the original on August 21, 2017. Retrieved June 7, 2017.
  40. Marchiano, Amy (October 23, 2013). "Squirrel cause of power outage in Schuylkill Haven" . Retrieved June 7, 2017.
  41. "Squirrel to blame for power outage in Hamburg". December 5, 2013. Retrieved June 7, 2017.
  42. "Squirrel knocks out power to hundreds in Laureldale, Muhlenberg". 69 News. February 15, 2017. Retrieved June 7, 2017.
  43. Charles, Alec. "The ideological dreamscape of BBC News online: the strange tale of the terror squirrel of Knutsford". theendofjournalism.wdfiles.com. Retrieved June 8, 2017.
  44. Haupt, Randy (2007). "Squirrels, Nuts, and People: Part 1 [Ethically Speaking]". IEEE Antennas and Propagation Magazine. 49 (5): 167. doi:10.1109/MAP.2007.4395334. ISSN   1045-9243. S2CID   12755759.