Though 2022 finished out with a spate of physical attacks on grid infrastructure, it was also a year in which the federal government ramped up its focus on cybersecurity and the potential for hackers to remotely disrupt the flow of electricity.
Distributed energy resources “pose emerging cybersecurity challenges to the electric grid” and they should be designed with security as a “core component,” the U.S. Department of Energy concluded in an October report.
The Federal Energy Regulatory Commission is considering developing new cybersecurity rules for DERs on the bulk electric system and DOE is directing millions to support “next-generation” cybersecurity research, development, and demonstration projects.
In April, the North American Electric Reliability Corp. issued a report highlighting the “urgent need to consider technical alternatives” to the communications systems typically used by grid operators and which might not be available in the event of an attack and widespread blackout.
The growing risk is driving up costs for utilities, say experts.
Electric providers procuring cyber insurance from industry-backed insurers saw premiums rise 25% to 30% in the early part of 2022, while other types of energy companies in the commercial insurance sector have seen premiums more than double, according to data from insurance broker Marsh.