Security

closeup photo of turned-on blue and white laptop computer closeup photo of turned-on blue and white laptop computer

Cybersecurity concerns persist in 2023

Cyber attacks continue to increase in both volume and sophistication. In 2023, in the Western Interconnection, there were two cybersecurity events reported through the Electric Emergency Incident and Disturbance Report (DOE-417). These attacks can cause system interruptions and loss of load while diminishing resilience and recovery measures. WECC works with its stakeholders to prevent these attacks and mitigate the risks they pose to the Western Interconnection by:

  • Sharing information in reports and committees, as well as at events held throughout the year; and
  • Developing, implementing, and testing security policies and incident response and recovery plans.

Regulation and Standards

All entities with critical infrastructure that affects the reliability of the bulk power system are governed by NERC’s Critical Infrastructure Protection (CIP) plan. The plan consists of a set of mandatory security standards designed to help mitigate risks and safeguard the integrity of the electric grid. WECC works through committees and conferences to educate entities on compliance with existing and upcoming CIP standards. There are 13 CIP standards, ranging from reporting of incidents to training and vulnerability management to physical security of cyber-assets.

In March 2023, FERC approved a modification to CIP-003-8 to include requirements addressing supply chain risk management for assets containing low impact Bulk Electric System (BES) cyber-systems. The modifications found in CIP-003-9 are in response to a NERC directive to study supply chain risks associated with low impact BES cyber-systems. Though the updated standard was approved in March 2023, it does not take effect until 2026.

Physical Security

In the Western Interconnection in 2023, there were 107 physical security incidents reported through DOE-417.

  • In late 2022, there were several attacks on substations in Oregon and Washington and similar attacks in North Carolina.
  • In January 2023, the Department of Homeland Security warned that extremists "have developed credible, specific plans to attack electricity infrastructure … identifying the electric grid as a particularly attractive target."
  • In June 2023, an Idaho man was arrested for allegedly damaging two hydroelectric dams in the Hells Canyon Complex, interrupting service and causing more than $200,000 in damage.
teal LED panel

E-ISAC bolsters effort to combat security threat

The Electricity Information Sharing and Analysis Center (E-ISAC), which is operated by NERC, launched a campaign to increase its membership among NERC registered entities in 2023, resulting in substantial growth by the end of the year. The effort was driven by a partnership among the E-ISAC, NERC, and the ERO Enterprise, including WECC.

There are significant benefits to joining the E-ISAC. As industry contends with increasing and evolving cyber- and physical security threats to the bulk power system, the E-ISAC offers its members timely information and analysis to respond to and mitigate these threats. Membership is open to all NERC registered entities. E-ISAC maintains a strict Code of Conduct that keeps it organizationally isolated from NERC's enforcement activities. E-ISAC members and partners have control over how and with whom they share information on the E-ISAC Portal and can provide their information anonymously.

The outreach campaign continues as a 2024 priority for the E-ISAC, NERC, and the ERO Enterprise.

aerial photography of city during night time

2023 Security-focused Events

WECC Power Systems Security Conference

WECC's inaugural Power Systems Security Conference took place in Salt Lake City in August 2023. The two-day event featured panelists sharing information on cyber- and physical security threat vectors, detection, management, and industry best practices. Presenters came from a range of agencies, including Department of Homeland Security, FBI, the Electricity Information Sharing and Analysis Center, and the Cybersecurity and Infrastructure Security Agency.

GridSecCon

The 12th annual GridSecCon security conference took place in October 2023, bringing together a cross section of representatives from industry and government to discuss grid security threats and planning. GridSecCon 2024 is set for October 2024 in Minneapolis.

GridEx VII

Hosted by NERC’s E-ISAC, this two-day event is the largest grid security exercise in North America. Held every two years, the conference provides E-ISAC member and partner organizations a forum to practice their response and recovery from coordinated cyber- and physical security threats and incidents. The outcomes of the exercises are used to help improve the security of the North American electric grid.

TopBuilt with Shorthand