On March 7, 2014, the Federal Energy Regulatory Commission (“FERC”) directed the North American Electric Reliability Council (“NERC”) to develop new standards for the protection of critical elements of the bulk-power system from physical attacks. In recent years there has been considerable attention paid to the potential for cyber-attacks against the transmission grid. Following a recent high-profile news report of an April 2013 event involving multiple gunshots fired at a California substation, the potential for physical attacks that disable critical elements of the high-voltage transmission system has become an area of significant focus by regulators and transmission providers.
In February 2014, reports emerged of an organized assault on a Pacific Gas & Electric electrical substation near San Jose, California. Early in the morning of April 16, 2013, unknown attackers cut telephone cables to the site and then opened fire with automatic rifles. 17 transformers were knocked off line after having been pierced by bullets. Law enforcement investigators found over 100 shell casings at the site. A former FERC official described the attack as “the most significant incident of domestic terrorism involving the grid that has ever occurred.” It took 27 days to repair the damage from the April 16 attack.
The nature of the attack was not widely publicized at the time, although federal officials were alarmed at the event and began an immediate investigation. Following the initial media reports, the possibility of large scale outages caused by acts of terrorism or other physical attacks on the transmission grid have received significant attention in the media and from regulators.
The March 7 FERC Order was issued pursuant to Section 215 of the Federal Power Act, which requires FERC to oversee development of Reliability Standards for the Bulk-Power System. In prior orders NERC has been designated as the entity charged with developing standards for ensuring grid reliability. The March 7 Order will significantly expand the scope of NERC-developed reliability standards to include physical security of transmission facilities, in addition to existing standards that include cybersecurity and vegetation management.
Despite the initial role of the media in bringing these concerns to the attention of the public, the Acting FERC Chairman issued a statement on March 12 criticizing the Wall Street Journal for publishing a follow-up article reporting on an internal FERC assessment of the potential damage to the grid that could be cause by physical attacks. The need to balance confidentiality versus public discussion of the potential risks and the best ways to strengthen the grid was also the subject of a concurring opinion to the March 7 Order by Commissioner Norris. Commissioner Norris also warned against overreacting to the April 2013 incident through a futile attempt to increase physical security at thousands of sites nationwide. In his view, developing a more agile “smart” grid utilizing new technologies would respond to the threats of various types of grid disruptions while also resulting in more efficient operations.
Physical security of the nation’s electric grid will remain an area of intense focus in the coming months.