An attack on two electrical substations that’s left thousands in Moore County without power for days has raised questions about the security of North Carolina’s power grid.
The Moore County incident — caused by what law enforcement says was “intentional damage” — has triggered curfews and school closures, demonstrating the widespread implications of power outages.
The threat of direct attacks like Saturday’s, as well as looming cybersecurity risks, pose serious concerns to communities in North Carolina and beyond, experts say. And developing strategies to combat those threats is top-of-mind for the organizations that manage the state and nations’ power grid.
What’s the biggest threat to North Carolina’s power grid?
Security is one of the top risks facing the Southeast’s power grid, according to the most recent risk report from SERC, the division of the National Electric Reliability Council that includes North Carolina.
That includes — per the report released in January — cybersecurity threats and the threat of sabotage.
“Physical attacks on electric power infrastructure and assets” are “on the rise,” SERC reports.
“Physical attacks are often connected to some form of grievance, whether political or personal,” SERC says. “Sabotage is defined as deliberate, well planned, and often with an insider component, and has the greatest potential for impact.”
Examples have been seen nationwide, including a 2013 incident in California during which shooters fired 150 rounds from assault rifles into a Pacific Electric and Gas substation and the 2021 case of an Arkansas man setting fire to a substation and damaging a power line and electric tower.
SERC President and CEO Jason Blake said in a statement to The Charlotte Observer on Monday the group is “in close coordination with Duke Energy” about the Moore County attack as well as “NERC, our federal partners, and the appropriate industry members across our 16-state footprint.”
Locally, Charlotte-Mecklenburg Police said on social media the agency is “working with our partners and continuing to monitor developments in Moore County as well as assess needs in our jurisdiction.”
“We have a long-standing and great partnership with Duke Energy as well as a robust security plan in place,” the department said.
Cybersecurity is also a major concern, SERC notes, especially as electrical systems become more automated and reliant on “third-party service providers, vendors, and/or other organizations.”
“Nations and criminal groups pose the most significant cyber threats to U.S. critical infrastructure,” according to the federal Government Accountability Office.
“These threat actors are increasingly capable of attacking the grid,” the agency wrote in an October report.
Attackers could also bring down power grids “indirectly,” SERC says, by bringing down “supporting systems” and “critical infrastructure” such as water supplies and natural gas used by power plants or disrupting the supply chain for electricity.
What can be done to protect North Carolina’s power grid?
Power facilities have a number of means of addressing issues that can leave them vulnerable, an April 2022 SERC analysis found.
Recommendations include having hands-on leadership, frequently inspecting facilities and equipment in person, collaborating with other facilities on best practices and closely monitoring outside vendors and contractors and their work.
At the federal level, money is being put into combating cybersecurity threats. That includes $45 million allocated by the federal Department of Energy earlier this year “to create, accelerate, and test technology that will protect our electric grid from cyber-attacks.”
News & Observer reporters Martha Quillin and Dan Kane contributed to the reporting of this story.
©2022 The Charlotte Observer. Visit charlotteobserver.com. Distributed by Tribune Content Agency, LLC.