At the S4x25 conference, Brian Foster, grid security senior advisor at Southern California Edison, addressed the potential for future cyberattacks to trigger large-scale urban fires through vulnerabilities in smart infrastructure. Covering a technically proficient audience, he offered a stark warning and a call to action—highlighting not only the feasibility of such attacks but also strategies for prevention.
Setting the stage: A sobering introduction
Foster began with a candid acknowledgment of the session’s gravity, especially in light of recent real-world fires that underscored the devastating speed and scale at which urban blazes can spread. The hypothetical scenario presented wasn’t mere speculation; it was a plausible threat based on existing vulnerabilities in IoT (Internet of Things) and IIoT (Industrial Internet of Things) devices, coupled with infrastructure developments on the horizon.
“This attack is viable,” Foster stated, “but it’s based on infrastructure that isn’t fully deployed yet. That means we still have time to prevent it.” This set a proactive tone, shifting the focus from fear to action.
Anatomy of a potential urban fire attack
Central to the presentation was the concept of leveraging IoT devices, ubiquitous in modern homes and businesses, as vectors for large-scale attacks. The scenario outlined how smart inverters, connected through customer Wi-Fi networks, could be exploited to issue malicious commands to millions of devices simultaneously.
Key points included:
- Vulnerable devices: Common household items like smart ovens, space heaters, and UPS batteries were highlighted as potential ignition sources. Many of these devices lack robust security measures, and in some cases, even basic mechanical fail-safes have been removed in favor of software controls.
- Centralized control systems: The future integration of centralized control for IoT devices was identified as a critical risk factor. While this architecture promises operational efficiencies, it also creates a single point of failure that could be exploited by attackers to trigger widespread incidents.
- Exploitable infrastructure: The attack model relied on known vulnerabilities (rather than zero-day exploits), emphasizing how existing security gaps in IoT ecosystems could be weaponized. The scenario illustrated that even a modest success rate—as low as 5 percent of targeted devices igniting—could overwhelm emergency response capabilities in major metropolitan areas.
Case study in catastrophe: Fort Worth scenario
To ground the discussion in tangible terms, Foster presented a detailed hypothetical attack on Fort Worth, Texas. Using conservative estimates, the model predicted over 3,000 simultaneous structure fires, far exceeding the city’s firefighting capacity even with mutual aid from neighboring Dallas.
Factors contributing to the severity included:
- High Wind Conditions: These not only accelerate fire spread but also hamper aerial firefighting efforts.
- Urban Density: Modern building practices that prioritize maximizing real estate often result in homes being constructed in close proximity, facilitating rapid fire propagation.
- Infrastructure Limitations: Beyond manpower, critical resources like water supply systems would be quickly overwhelmed, further compounding the disaster.
Underlying drivers: Why are we vulnerable?
The session didn’t just focus on the ‘how’ of such attacks but also the ‘why.’ As energy grid evolves to accommodate distributed generation, electric vehicles, and smart technologies, the need for real-time demand response and granular control is driving the integration of IoT devices into critical infrastructure.
The harsh reality, as Foster pointed out, is that “the grid wasn’t built for this.” The current trajectory is creating interdependencies between systems that were never designed to be connected, introducing new vulnerabilities at an unprecedented scale.
Mitigation strategies: A path forward
Despite the alarming scenario, Foster emphasized that disaster isn’t inevitable. Several mitigation strategies were proposed:
- Rethinking Centralized Control: Instead of direct device control via utility-managed systems, Foster advocated for alternatives like cloud-based command relays through manufacturers or smart apps integrated into existing hubs. This approach adds layers of abstraction that can help contain potential breaches.
- Security by Design: IoT devices must be designed with security as a foundational principle, not an afterthought. This includes robust authentication protocols, encrypted communications, and fail-safe mechanisms that prevent unsafe conditions even in the event of a breach.
- Regulatory Oversight: There was a call for stronger regulatory frameworks to enforce minimum security standards for devices connected to critical infrastructure.
- Enhanced Incident Response: Improving urban resilience through better emergency response planning, resource allocation, and public awareness campaigns can help mitigate the impact of potential incidents.
Call to action: Preventing cities from burning
The session concluded with a powerful plea: “If we have to have centralized control of millions of IoT devices… how do we prevent a city from burning down?” This rhetorical question wasn’t just for dramatic effect; it was a genuine challenge to the cybersecurity community to think beyond traditional paradigms and develop innovative solutions.
Attendees were encouraged to consider not just technological fixes but also policy changes, industry collaborations, and public-private partnerships. The overarching message was clear: while the threats are evolving, so too must our defenses.
Final Reflections
This S4x25 session served as both a wake-up call and a roadmap. It highlighted the fragile intersection of technology, infrastructure, and security, urging stakeholders to act before hypothetical risks become real-world disasters.
Foster’s final words resonated deeply: “We can prevent this. We just have to start now.”