Report: 2015 simulated grid attack revealed communication sharing problems

Dive Brief:

Last year's simulated attack on the North American electric grid revealed significant progress the industry has made to harden assets and reliability against either a physical or electronic threat, but also revealed a number of points where improvements can be made, according to the North American Electric Reliability Corp.
NERC issued a report calling for improvements in communications, including upgrading the Electricity Information Sharing and Analysis Center (E-ISAC) portal and enhancing coordination with law enforcement.
More than 4,400 individuals from 364 organizations across North America participated in the simulated attack in November, and the analysis of the event also concluded more planning time is necessary before GridEx IX is run, EnergyWire reported.

Dive Insight:

Amidst growing concern that the North American power grid is vulnerable to attack – in worst case scenarios doing billions in damage and leaving cities uninhabitable – NERC's report highlights not just the need for improvement but also continued study.

“Industry continues to take the prospect of a cyber or physical attack on the bulk power system seriously,” said Marcus Sachs, NERC's senior vice president and chief security officer. “GridEx III, like prior NERC events, challenged the sector to demonstrate robust crisis management actions that would help keep the grid resilient and boost recovery efforts in the face of a real attack.”

Among NERC's findings:

E-ISAC needs to be enhanced to accommodate "urgent real-time communication with portal members;"
Cyber and physical security incident reporting mechanisms need to be reviewed for redundancies;
Pre-exercise planning time for GridEx IV should be extended.
Reliability coordinators should continue to play an enhanced role in the exercises;
Participants need to further leverage communications and social media;
There is room to improve coordination with local law enforcement and first responders.

“Security exercises, like NERC’s GridEx, are essential for industry and government partners to experience a worst-case, advanced-threat scenario to better prepare against any real crisis events,” said Bill Lawrence, associate director of stakeholder engagement. “Participating in GridEx allows industry, government partners and other stakeholders to share information and exercise a comprehensive approach to securing the bulk power system.”

GridEx III had two parts: a simulated large-scale cyber and physical attack scenario designed to overwhelm even the most prepared participants, and a roundtable of discussion on messaging, the collective effort to protect the grid and the use of extraordinary measures for restoring power.

"The industry and government need mechanisms to develop a common view of the evolving situation from two perspectives," the report found, including "the impact on the delivery of electricity to consumers, and the intelligence information needed by the industry to respond and recover, considering ongoing or follow on attacks are likely."

Last year, Lloyd's of London estimated a widespread attack on the U.S. power grid could result in a total economic loss ranging from $243 billion up to $1 trillion in the most damaging scenarios.