Skip to main content
close search
site logo
Dive Brief

NERC: Cyberattacks a top risk for grids

Published June 23, 2017
Robert Walton's headshot
Senior Reporter
Flcikr user Yuri Samoilov

Dive Brief:

  • While traditional grid resiliency continues to grow, the North American Electric Reliability Corporation says there is a growing threat that cyberattacks could be used to cause widespread outages on the nation's bulk power system.
  • NERC has issued its 2017 State of Reliability report, concluding that resiliency to severe weather continues to improve, but transmission outages due to human error showed a slight increase last year.
  • The report comes as the industry is focused on new analysis that shows the malware used to cause a 2015 Ukraine power outages could be modified to attack the United States' grid.

Dive Insight:

There were no successful grid attacks last year, and no loss of load, but NERC's latest reliability assessment cautions not to read too much into that accomplishment.

"While this indicates NERC’s efforts with industry have been successful in isolating and protecting operational systems from various adversaries, this does not suggest that cyber security risk is low," the nonprofit reliability agency said in the report.

Looking to better address risk management, the report notes NERC Critical Infrastructure Protection Committee, NERC’s Electricity Information Sharing and Analysis Center developed a "roadmap for future metrics development," including refining the initial set of metrics that are based on operational experience. The roadmap also addresses challenges associated with security-related data collection.

Part of the difficulty in collecting data, but what helps protect the bulk power system, is the sheer number and type of cyber systems and equipment used by the industry. NERC's report said the array is "vast, making it difficult to develop metrics that are meaningful to individual entities across the industry."

Earlier this month, cybersecurity firm Dragos issued a report concluding malware that was used in a 2015 cyberattack resulting in power outages in Ukraine could be modified by its Russian developers to target the United States. 

NERC issued a statement responding to the report, noting that to date there are "no reported instances of the malware in North America."

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
Utility Broadband Alliance 2024 Summit & Plugfest Shatters Attendance Milestone
From Utility Broadband Alliance
November 21, 2024
General Atlantic’s BeyondNetZero Fund and TA Partner to Drive Continued Growth of Technosylva
From Technosylva
November 21, 2024
Heat Pump Assisted Water Heater Technology Could Make Big Lift
From Energy Solutions
November 07, 2024
Oncor System Resiliency Plan Approved by PUCT
From Oncor
November 14, 2024
Editors' picks
Latest in Transmission & Distribution
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell