Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Security of North American Energy Grid Tested in GridEx Exercise

A major exercise whose goal was to test the cyber and physical security of North America’s grid has enabled the energy industry and governments to review and improve incident response plans and collaboration.

A major exercise whose goal was to test the cyber and physical security of North America’s grid has enabled the energy industry and governments to review and improve incident response plans and collaboration.

The grid security exercise, GridEx V, was organized last week by the North American Electric Reliability Corporation (NERC) and it was hosted by its Electricity Information Sharing and Analysis Center (E‑ISAC).

According to NERC, over 6,500 participants representing more than 425 government and energy sector organizations in the United States, Canada and Mexico took part in the two-day exercise. In comparison, representatives of 370 organizations took part in the previous GridEx, which took place in 2017, but the number of participants was roughly the same.

It’s worth noting, however, that GridEx V also invited representatives of the natural gas, electrical equipment manufacturing, finance, and telecommunications sectors.

Described as the largest exercise of its kind, GridEx V aimed to test responses to cyber and physical security incidents and threats. Objectives included exercising incident response strategies, expanding the response of local and regional stakeholders, increasing participation of the supply chain, and improving communications.

SecurityWeek has reached out to NERC for more information about the simulated scenario, but the organization says it does not speak in detail about the scenario.

However, UtilityDive reported that the simulated attack targeted Consolidated Edison (Con Ed), which provides electricity and gas to New York City and Westchester. The scenario involved gas outages caused by a loss of supply, electric outages caused by a substation explosion, a water outage, and a cyberattack that resulted in the exposure of customer information. The scenario involved both physical and cyber attacks and unfolded over a period of several weeks.

“NERC’s GridEx series offers an invaluable opportunity for industry and government officials at all levels to evaluate crisis communications and security and response plans in order to identify new risks and develop actionable mitigation strategies,” said Tom Kuhn, president of the Edison Electric Institute (EEI). “Through the CEO-led Electricity Subsector Coordinating Council (ESCC), GridEx also helps us to enhance cross-sector coordination and develop a more detailed understanding of interdependencies and potential impacts to other critical infrastructure sectors.”

A report detailing GridEx V is expected to be published in March 2020.

The exercise comes after earlier this year a power utility in the United States reported interruptions to electrical system operations as a result of a denial-of-service (DoS) attack. It was revealed recently that the attack hit sPower, a Utah-based power producer that relies on wind and solar technologies, and it involved the exploitation of a known vulnerability affecting Cisco firewalls.

Related: U.S. to Help Secure Baltic Energy Grid Against Cyber Attacks

Related: NIST Working on Industrial IoT Security Guide for Energy Companies

Related: GAO Says Electric Grid Cybersecurity Risks Only Partially Assessed

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.