The North American Electric Reliability Corp (NERC) said on Thursday it has concluded a two-day simulation with power sector entities to stress-test their emergency response and recovery plans for physical and cyber security attacks.
Plots against power infrastructure and electric substations have come to light recently in different parts of the country including Maryland, North Carolina, Washington state and South Carolina, with some incidents of vandalism leaving thousands in the dark.
"Our adversaries continue to look for ways to exploit our interconnected system. We must continue to be vigilant," said NERC senior vice president Manny Cancel, who leads its Electricity Information Sharing and Analysis Center (E-ISAC).
The E-ISAC's GridEx, the biggest grid security exercise in North America, took place on Nov. 14-15 with more than 250 participants, including electric and natural gas companies government agencies.
NERC warned of evolving cyber threats to the electric grid, "guided by geopolitical events, new vulnerabilities, changes in technologies, and increasingly bold cyber criminals and hackers."
In a report released Thursday, the Federal Energy Regulatory Commission warned that "a coordinated cyber and/or physical attack on the bulk power system or generation fuel sources, especially in conjunction with a severe cold weather event, could be especially impactful."
Data on electric disturbances reported by utilities shows about 95 human-related incidents, including vandalism and cyber events, in the first half of 2023, more compared to the same period in any past year, according to U.S. Department of Energy records dating back to 2000.
In an August report, NERC pushed to develop standards for the power sector on mitigating risk from cloud adoption and artificial intelligence technologies, along with cyber security training for the workforce.
(Reporting by Deep Vakil in Bengaluru; Editing by David Gregorio)