Energy infrastructure experts testified that the U.S. power grid is facing a myriad of escalating cybersecurity risks and emerging threats from both foreign adversaries and domestic extremists amid an ongoing critical modernization journey.
The latest annual threat assessment out of the Intelligence Community identifies Chinese cyber operations against the U.S. homeland as a major national security threat and warns that Beijing is “almost certainly capable of launching cyber attacks that could disrupt critical infrastructure services” nationwide, including the power grid.
Meanwhile, domestic extremists have been charged in recent months with plotting to attack energy facilities and power grids across the country, as part of an apparent effort to promote white supremacist ideologies.
Bruce Walker, former assistant secretary for the Energy Department’s Office of Electricity, told the House Energy & Commerce subcommittee on oversight and investigations on Tuesday that “the most important evolving threat to the electric grid is associated with cybersecurity and physical security” while calling for further collaboration between the public and private sectors.
“We must approach this problem differently,” he added. “We must transition to an all-of-society approach that, among other things, appropriately uses federal capabilities to protect the grid.”
The U.S. relies on critical components from countries like China to build large power transformers that help supply electricity to the national power grid, as the domestic production capacity for key parts is currently limited.
Power transformers and new power grid technologies are susceptible to disruption from physical attacks, as well as increasingly advanced cyber risks that can potentially threaten the entire electrical network.
“We need to develop risk-based, cost-effective ways of mitigating these risks that focus on strength and resilience against high consequence events,” said Paul Stockton, senior fellow at the Johns Hopkins University Applied Physics Laboratory. “We need to leverage the expertise of the private sector, including device manufacturers, standard-setting organizations and operators of the power grid.”
That power grid is experiencing a significant transformation as the U.S. transitions towards sustainable energy alternatives, including an increased demand for electric vehicle charging stations to support the adoption of greener transportation. Those stations can be vulnerable to critical cyber threats, according to Sam Chanoski, a technical relationship manager for Idaho National Laboratory’s Cybercore Integration Center.
“The significant increases that we’re expecting and forecasting for transportation electrification are coming at us so fast that the grid is going to be challenged to keep up with it,” Chanoski told lawmakers.
In recent years, the federal government has aimed to bolster cybersecurity collaboration between critical infrastructure owners and operators and the sector risk management agencies tasked with providing guidance and promoting security and resilience.
The Energy Department also launched a microgrid program strategy in 2020 that seeks to develop affordable, self-sufficient and sustainable power grids, reducing the scale and impact cyberattacks have on the entire country’s electric supply.
Earlier this week, the agency announced a funding opportunity worth nearly $15 million for multi-year research, development and demonstration of microgrid-related technologies that can support indigenous and underserved communities.