Right around now, the companies and regulators that make up the North American electricity system – i.e., the power grid – are undergoing a stress test. It is the second and final day of a “war game” on the grid.
Right now, the lights are out for thousands of North Americans. Virtually, that is.
That’s the idea of an exercise known as GridEx III. It’s the third time the electric industry has faced a set of pretend attacks. The latest simulation came Wednesday and Thursday.
“Most of the attack scenarios peaked on the first day,” said engineer George Masters at grid equipment provider Schweitzer Engineering Labs, “and in the following day we’re seeing some copycat episodes and we’re seeing utilities start to restore communications.”
The exact details of the war game are closely held. But they likely include a simulated aerial attack. That happened in real life in Quebec this year, taking out a critical East Coast transmission line.
“We do know that it involved a single-engine airplane dropping material onto the high-voltage lines,” said Brian Harrell of Navigant Consulting, an original developer of the grid exercise.
A different type of vulnerability being tested is emergency communication. Last month a utility in Ohio fended off a cyberattack. But company officials said an instant response from federal agencies that could have protected the larger system never came.
“Cybersecurity response and information sharing with federal partners continues to be a learning process,” Harrell said. “The governments of North America may be ill-prepared to process this threat information and actually do anything about it.”
Energy is one of the most hacked industries. U.S. intelligence officials said Russian hackers have penetrated the American grid. And a virus, reportedly sent by the U.S. and Israel, sabotaged Iran’s nuclear facilities.
But, spycraft is not the biggest threat to keeping the lights on.
“The top two threats to the grid are weather events and squirrels getting in transformers,” said Robert M. Lee of the cybersecurity software firm Dragos Security.
Lee said the latest simulated attacks on the grid combined natural, physical and cyber threats. So, after three tests in five years, how has the grid responded?
“We are getting better,” Lee said. “But my concern is we have a lot of ground to make up. And we have very sophisticated adversaries. And the question is, are we getting better fast enough?”