By Blake Sobczak
E&E News reporter
September 6, 2019
A first-of-its-kind cyberattack on the U.S. grid created blind spots at a grid
control center and several small power generation sites in the western United
States, according to a document posted yesterday from the North American
Electric Reliability Corp.
The unprecedented cyber disruption this spring did not cause any blackouts, and
none of the signal outages at the low-impact control center lasted for longer
than five minutes, NERC said in the Lesson Learned document posted to the
grid regulator’s website.
But the March 5 event was significant enough to spur the victim utility to
report it to the Department of Energy, marking the first disruptive cyber
event on record for the U.S. power grid (Energywire, April 30).
The case offered a stark demonstration of the risks U.S. power utilities face
as their critical control networks grow more digitized and interconnected — and
more exposed to hackers. Have as few internet facing devices as possible,
NERC urged in its report.