Service-disrupting attacks on the U.S. electrical power grid are expected to increase in the coming years, a new report by a leading industry group is warning.
The annual report by the North American Electric Reliability Corporation warns that the danger of attacks on the nation’s most critical infrastructure is growing owing to a number of factors.
“As a result of sector interdependencies, grid evolution and an expanding supply chain, the threat surface as well as the potential magnitude of impacts have increased,” the report said.
The U.S. electric power grid is a network of power production stations, substations that adjust voltage up or down and transmission lines. The grid is divided into two major sectors, eastern and western, with two minor independent sectors serving Alaska and Texas.
Strategic adversaries have demonstrated the ability to disrupt critical infrastructure in North America, and criminal attacks on power substations such as those recently in North Carolina and the Pacific Northwest also are on the rise.
“Increasingly bold adversaries regularly employ new tactics, techniques and procedures. They are also exploiting new and legacy vulnerabilities,” the report, made public this week, stated, added that “the threat landscape continued to demonstrate adversaries’ potential capability to disrupt critical infrastructure in North America.”
Cyberattacks targeting the electrical power grid are also a growing worry, according to the report.
Tensions with Russia and China in 2022 led power companies to launch a program called “shields up” designed to increase collaboration, communication and coordination among electric power utilities.
A confidential report by a NERC subgroup, the Electricity Information Sharing and Analysis Center, found that physical attacks on the power grid increased by 71% last year and are expected to increase this year, the Wall Street Journal, quoting the study, reported. Physical security incidents involving power outages also increased 20% since 2020 which the internal report blamed on the COVID-19 pandemic, social tensions and economic challenges.
NERC spokeswoman Rachel K. Sherrard declined to comment on the confidential report, but said most common security incidents were related to errant bullets by hunters, copper theft, arson and intrusions.
“The increase in physical attacks on the nation’s electric infrastructure highlights the need to reassess potential physical security vulnerabilities on the grid and to identify whether additional physical security controls are needed to more widely protect this critical infrastructure moving forward,” Ms. Sherrard said in a statement.
NERC is studying cost-effective steps to mitigate the grid vulnerabilities, as directed by the Federal Energy Regulatory Commission, she said. The group also promotes security standards requiring utilities to protect transmission stations and substations that, if attacked, would result in instability, uncontrolled separation from the grid or a cascading electrical failure.
Critics in the past have faulted the industry group for not doing enough to protect the electric grid, in part due to concerns that increased security meant increased costs.
“NERC condemns any type of attack on our nation’s critical infrastructure and is working in collaboration with industry and our government partners – both federal and state – to maintain a secure and reliable grid for nearly 400 million people across North America,” Ms. Sherrard said.
Federal authorities in Baltimore earlier this month charged two people, including the founder of a neo-Nazi group called Atomwaffen, with plotting sniper attacks on power substations in Maryland to shut off power. The FBI is reportedly investigating an attack on electric power distribution substations in North Carolina in December that disrupted power to thousands of Duke Energy customers.
A third attack took place in 2013 near San Jose, Calif., when snipers shot at a major power transmission substation, knocking out more than a dozen transformers.
Manny Cancel, chief executive of the Electricity Information Sharing and Analysis Center, said a pattern is emerging of people targeting critical infrastructure aimed at disrupting power.
“Going back to the 2020 presidential election, as well as the recent midterm elections, we’ve seen an uptick in chatter and an uptick in incidents as well,” he told the Wall Street Journal.
A report by the congressional U.S.-China Economic and Security Review Commission claimed that Chinese military groups have conducted rehearsal cyberattacks against electric grids, water treatment plants and industrial control systems.
The report also stated that a China state-linked hacking group known as RedEcho “extensively penetrated” India’s electric power grid amid heightened tensions between the two states in 2020.
U.S. officials also have said Chinese military hackers have been detected conducting reconnaissance of U.S. electric grid control networks. The activity was linked to suspected targeting of the electric grid in a future conflict.
A report by the Pentagon’s Defense Science Board said a Russian-linked malware called Havex and BlackEnergy was detected in the U.S. electrical grid.