The electric grid is a “hyper complex risk environment” where reliability is threatened by a trio of dynamics: climate change, the retirement of traditional generation and physical and cyber attacks, officials said Wednesday.
“The rate of software vulnerabilities being discovered is at an unprecedentedly-high rate,” Jim Robb, president and CEO of North American Electric Reliability Corp., said in a call with reporters. And a recent spate of attacks on grid infrastructure has put physical security “back on the top of the agenda,” he said.
The grid is also challenged by the growth of inverter-based resources such as solar and wind that do not inherently offer some of the reliability services — inertia, frequency response, reactive power and voltage support — that traditional spinning generation provides to the grid, Robb said.
“They can create a lot of these services synthetically, through power electronics. The issue is we have to tell them what to do and tell them how to respond to events, and that's an important body of work for us as we go forward,” he said.
Earlier this month, NERC issued an alert and recommendations for solar generators connected to the bulk electric system, or BES. The reliability organization tracked a growing list of instances where inverter-based resources tripped offline or reduced output in response to grid disturbances.
Climate change is also forcing the grid to cope with more extreme weather.
“We've had five major cold weather events since 2011. We've had three in the last five years,” Robb said. “We've had two major heat events over the last three years. So these things are coming at us in a very different way,” he said.
But most of NERC’s call focused on intentional grid attacks.
“Over the past year, the [security] landscape has become increasingly complex,” said Manny Cancel, NERC senior vice president and head of the Electricity Information Sharing and Analysis Center, or EISAC.
Cancel pointed to heightened tensions related to Russia’s invasion of Ukraine, and between China and the U.S. There are also threats from hackers in North Korea and Iran, he said.
“This geopolitical climate and turmoil has contributed to a dramatic uptick in malicious cyber activities, including new iterations of malware and ransomware,” Cancel said. He pointed to the emergence of attack tools developed by hackers to focus on operational technology environments where power equipment operates.
These tools are “incredibly concerning,” he said. They have been employed by Russian hackers in Ukraine, but “these are malware tool kits that absolutely have the capability to disrupt critical infrastructure here in North America, and their emergence highlights the need for good internal security and monitoring of OT systems.”
Physical attacks are also on the rise, Cancel said.
Multiple substations in Washington were damaged on Dec. 25, leading to more than 14,000 outages on the Tacoma Power and Puget Sound Energy systems. And a North Carolina firearms attack earlier that month knocked power out to about 45,000 Duke Energy customers.
There were almost 1,700 physical security incidents reported to the EISAC in 2022, he said, up 10.5% from 2021.
“So, obviously a market increase in trend there,” Cancel said. “Fortunately, though, only 3% of these incidents resulted in outages or other grid impacts such as operating contingencies.”
The majority of reported incidents were categorized as gunfire, ballistic damage, intrusion or tampering and vandalism, he said.