A House subcommittee held a hearing Tuesday on growing threats to the U.S. electric grid, including sophisticated hackers, physical attacks, the rise of inverter-based resources and a reliance on pipelines for gas-fired generation.
While a cyber attack has never caused a loss of load in North America, the threat landscape is “continuously evolving,” said Manny Cancel, CEO of the Electricity Information Sharing and Analysis Center, or E-ISAC. “Among the most pernicious are nation-states, which possess the capability to disrupt critical infrastructure in North America.”
Cancel and other experts testified before the House Subcommittee on Oversight and Investigations at a hearing titled "Examining Emerging Threats to Electric Energy Infrastructure."
Chinese cyber activities “are probably one of the largest and most dynamic cyber threats to critical infrastructure and continue to demonstrate an increasing sophistication,” Cancel said. “Russia remains a top cyber threat as it refines and employs its espionage, influence, and attack capabilities.”
Iran’s growing expertise and “willingness to conduct aggressive cyber operations make it a major threat to the security of U.S. and its allies,” Cancel continued. “North Korea’s cyber program poses a sophisticated and agile espionage, cybercrime, and attack threat.”
The E-ISAC is operated by the North American Electric Reliability Corp., or NERC, and functions as a clearinghouse for power sector security information.
Cancel also noted that ransomware attacks are common and growing in frequency and sophistication. The Federal Bureau of Investigation’s records indicate there were 870 ransomware complaints from critical infrastructure operators in 2022, including 15 from the energy sector, he said.
Recent ransomware attacks by groups like Cl0p, Black Basta, and Royal “remain a significant concern for the industry,” Cancel added. In particular, the MOVEit file transfer breach perpetrated by Cl0p “underscores the significant challenge of ransomware and its impact on supply chain security, with hundreds of widely used vendors being listed as victims.”
Physical attacks on the grid are also “deeply concerning,” Cancel said. There were almost 1,700 physical security incidents reported to the E-ISAC last year, an increase of 10.5% from 2021, he said.
Most physical attacks do not result in grid impacts, but “a trend toward more serious events occurred in 2022,” Cancel said. A series of attacks on substations in Washington and North Carolina within the last year resulted in blackouts and equipment being removed from service.
Other experts focused on threats tied to the transformation of the electric grid.
Wind, solar and battery assets are all inverter-based resources, or IBRs, which open up “significant opportunities to attack the grid,” said Paul Stockton, a senior fellow in Johns Hopkins University Applied Physics Laboratory.
“Adversaries can seek to access IBRs and shut them down precisely when we need the power the most,” Stockton said. “They can attempt to seize control of inverter-based resources and mis-operate them ... to help control frequency and voltage in order to create widespread disturbances. They can use what's supposed to be an advantage, transform it into a weapon.”
While IBRs are most commonly connected at the distribution-system level, Stockton warned they are increasingly used on the bulk power system and tied to high voltage transmission systems. “We’ve got some new potential vulnerabilities to get out in front of and get ready to secure the grid of the future,” he said.
Even without adversarial action, IBRs still require more study. NERC has been sounding alarms over a series of disruptions to IBRs, in particular solar resources that have “exhibited systemic performance issues that could lead to potential widespread outages if they persist.” The IBRs have tripped offline or reduced output in response to grid disturbances.
A growing reliance on natural gas also poses a threat to the electric grid, said Bruce Walker, president of the nonprofit Alliance for Critical Infrastructure Security. China is almost certainly capable of disrupting U.S. critical infrastructure, including gas pipelines, he said.
”This is particularly troubling and pertinent to emerging risks as we are significantly reliant on gas transmission pipelines for electric generation,” Walker said. “The United States reliance on gas fired electric generation is only increasing as government policies and investment move the industry away from other fossil fuel generation.”
