The U.S. Department of Defense (DoD) increasingly relies on electric power to accomplish critical missions. This report explores two approaches for deterring attacks against the U.S. power grid in a world of increasing cyber aggression: deterrence by denial and deterrence by cost imposition. It is a first step in developing frameworks and context to support DoD decisionmaking in this area.
Deterring Attacks Against the Power Grid
Two Approaches for the U.S. Department of Defense
Download
Download eBook for Free
| Format | File Size | Notes |
|---|---|---|
| PDF file | 1.4 MB | Use Adobe Acrobat Reader version 10 or higher for the best experience. |
Purchase
Purchase Print Copy
| Format | List Price | Price | |
|---|---|---|---|
| Add to Cart | Paperback98 pages | $19.50 | $15.60 20% Web Discount |
Research Question
- As DoD becomes increasingly dependent on electric power to accomplish its missions, what options does the department have to deter physical attacks and cyberattacks on the U.S. power grid?
Increased reliance on intelligence processing, exploitation, and dissemination; networked real-time communications for command and control; and a proliferation of electronic controls and sensors in military vehicles (such as remotely piloted aircraft), equipment, and facilities have greatly increased the U.S. Department of Defense (DoD)'s dependence on energy, particularly electric power, at installations. Thus, ensuring that forces and facilities have access to a reliable supply of electricity is critical for mission assurance. However, most of the electricity consumed by military installations in the continental United States comes from the commercial grid—a system that is largely outside of DoD control and increasingly vulnerable to both natural hazards and deliberate attacks, including cyberattacks. In this report, researchers explore two approaches that DoD might consider as options for deterring attacks against the power grid: enhancing resilience and reliability to deter by denial and using the threat of retaliation to deter by cost imposition. The report represents a first step in developing frameworks and context to support DoD decisionmaking in this area.
Key Findings
- The analysis focuses on two strategies for deterring deliberate attacks on the power grid: denial and cost imposition.
- For deterrence by denial, the report focuses on "outside-the-fence" interventions—ways in which DoD can engage with entities or infrastructure not owned by DoD. Case studies show that outside-the-fence interventions complement rather than replace existing inside-the-fence interventions and that resilience and reliability interventions can enhance DoD's ability not only to deter attacks by a military adversary but also to sustain operations under a broader set of potential perils, such as natural disasters and aging infrastructure.
- To explore options for deterring through the threat of cost imposition, the authors examine the applicability of international agreements on the law of war. For cyberattacks on the civilian electric power grid, the severity of the attack and the strength of attribution reveal several options for retaliation. Cyber intrusions on the grid launched by nation-states, for example, may be countered with legal countermeasures. And attacks reaching the level of armed attack could warrant military response.
- The challenge for deterrence comes from the ambiguity of cyberspace. This ambiguity cuts in two key directions: cyberattack attribution and cyberattack severity. The ambiguity surrounding severity may lead to less-obvious problems, but there is reason for concern that a lack of clarity on the meaning of use of force in cyberspace could produce unintended escalation.
Table of Contents
Chapter One
Introduction
Chapter Two
Assessing Outside-the-Fence Options for Improving DoD Mission Resilience to Power Disruptions
Chapter Three
Punitive Options for Deterring Cyberattacks on the Power Grid
Chapter Four
Conclusion
Research conducted by
Funding for this study was made possible by the independent research and development provisions of RAND's contracts for the operation of its U.S. Department of Defense federally funded research and development centers. The research was conducted within RAND Project AIR FORCE.
This report is part of the RAND Corporation Research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.
This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.
The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.