Efficiency Groups Sound Alarm on Potential Regulatory Rollbacks

Russian cyberattacks on U.S. power grid exposed DHS warnings: Dragonfly/Energetic Bear breached control rooms, ICS networks, and could trigger blackouts via switch manipulation, phishing, and malware, threatening critical infrastructure and utility operations nationwide.

Key Points

State-backed breaches of utility ICS and control rooms enabled potential switch manipulation and blackouts.

✅ DHS: Dragonfly/Energetic Bear breached utility networks

✅ Access reached control rooms and ICS for switch control

✅ Ongoing campaign via phishing, malware, lateral movement

Russian hackers for a state-sponsored organization invaded hundreds of control rooms of U.S. electric utilities that could have led to blackouts, a new report says.

The group, known as Dragonfly or Energetic Bear, infiltrated networks of U.S. utilities as part of an effort that is likely ongoing, Department of Homeland Security officials told the Wall Street Journal.

Jonathan Home, chief of industrial-control-system analysis for DHS, said the hackers “got to the point where they could have thrown switches” and upset power flows.

Although the agency did not disclose which companies were impacted, the officials at a briefing Monday said that there were “hundreds of victims” including breaches at power plants across the U.S., and that some companies may not be aware that hackers infiltrated their networks yet.

According to experts, Russia has been preparing for such attacks for some time now, prompting a renewed focus on protecting the grid among utilities and policymakers.

“They’ve been intruding into our networks and are positioning themselves for a limited or widespread attack,” said former Deputy Assistant Defense Secretary Michael Carpenter, now senior director at the Penn Biden Center at the University of Pennsylvania, per the Wall Street Journal. “They are waging a covert war on the West.”

Earlier this year, the Trump administration claimed Russia had staged a power grid hacking campaign against the U.S. energy grid and other U.S. infrastructure.

The report comes after President Trump told reporters last week during a joint press conference in Helsinki alongside Russian President Vladimir Putin that he had no reason not to believe the Russian leader's assurances to him that the Kremlin was not to blame for interference in the election.

Trump later admitted that he misspoke when he said he didn’t “see any reason why” Russia would have meddled in the 2016 election, and said he believes the U.S. intelligence community assessment that found that the Russian government did interfere in the electoral process.

Related News

• Electricity Forum News

• Grid Technologies News

Sault Ste. Marie Smart Grid Investment upgrades PUC Distribution infrastructure with federal funding, clean energy tech, outage reduction, customer insights, and reliability gains, creating 140 jobs and attracting industry to a resilient, efficient grid.

Key Points

A federally funded PUC Distribution project to modernize the citywide grid, cut outages, boost efficiency, and create jobs.

✅ $11.8M federal funding to PUC Distribution

✅ Citywide smart grid cuts outages and energy loss

✅ 140 jobs; attracts clean tech and industry

PUC Distribution Inc. in Sault Ste. Marie is receiving $11.8 million from the federal government to invest in infrastructure, as utilities nationwide have faced pandemic-related losses that underscore the need for resilient systems.

The MP for the riding, Terry Sheehan, made the announcement on Monday.

The money will go to the utility's smart grid project, where technologies like a centralized SCADA system can enhance situational awareness and control.

"This smart grid project offers a glimpse into our clean energy future and represents a new wave of economic activity for the region," Sheehan said.

"Along with job creation, new industries will be attracted to a modern grid, supported by stable electricity pricing that helps competitiveness, all while helping the environment."

His office says the investment will allow the utility to reduce outages, provide more information to customers to help make smarter electricity use choices, aligned with Ontario's energy-efficiency programs that encourage conservation, and offer more services.

"This is an innovative project that makes Sault Ste. Marie a leader," mayor Christian Provenzano said.

"We will be the first city in our country to implement a community-wide smart grid. Once it is complete, the smart grid will make our energy infrastructure more reliable, reduce energy loss and lead to a more innovative economy for our community."

The project will also create 140 new jobs.

"As a community-focused utility, we are always looking for innovative ways to help our customers save money amid concerns about hydro disconnections during winter, and reduce their carbon footprint," Rob Brewster, president and CEO of PUC Distribution said.

"The investment the government has made in our community will not only help modernize our city's electrical distribution system [as] once the project is complete, Sault Ste. Marie will have access to an electricity grid that can handle the growing demands of a city in the 21st century."

Related News

• Electricity Forum News

• Grid Technologies News

U.S. power grid cyberattacks expose critical infrastructure to Russian hackers, DHS warns, targeting SCADA, smart grid sensors, and utilities; NERC CIP defenses, microgrids, and resilience planning aim to mitigate outages and supply chain disruptions.

Key Points

U.S. power grid cyberattacks target utility control systems, risking outages, disruption, requiring stronger defenses.

✅ Russian access to utilities and SCADA raises outage risk

✅ NERC CIP, DHS, and utilities expand cyber defenses

✅ Microgrids and renewables enhance resilience, islanding capability

The U.S. Department of Homeland Security has revealed that Russian government hackers accessed control rooms at hundreds of U.S. electrical utility companies, gaining far more access to the operations of many more companies than previously disclosed by federal officials.

Securing the electrical grid, upon which is built almost the entirety of modern society, is a monumental challenge. Several experts have explained aspects of the task, potential solutions and the risks of failure for The Conversation:

1. What’s at stake?

The scale of disruption would depend, in part, on how much damage the attackers wanted to do. But a major cyberattack on the electricity grid could send surges through the grid, much as solar storms have done.

Those events, explains Rochester Institute of Technology space weather scholar Roger Dube, cause power surges, damaging transmission equipment. One solar storm in March 1989, he writes, left “6 million people without power for nine hours … [and] destroyed a large transformer at a New Jersey nuclear plant. Even though a spare transformer was nearby, it still took six months to remove and replace the melted unit.”

More serious attacks, like larger solar storms, could knock out manufacturing plants that build replacement electrical equipment, gas pumps to fuel trucks to deliver the material and even “the machinery that extracts oil from the ground and refines it into usable fuel. … Even systems that seem non-technological, like public water supplies, would shut down: Their pumps and purification systems need electricity.”

In the most severe cases, with fuel-starved transportation stalled and other basic infrastructure not working, “[p]eople in developed countries would find themselves with no running water, no sewage systems, no refrigerated food, and no way to get any food or other necessities transported from far away. People in places with more basic economies would also be without needed supplies from afar.”

2. It wouldn’t be the first time

Russia has penetrated other countries’ electricity grids in the past, and used its access to do real damage. In the middle of winter 2015, for instance, a Russian cyberattack shut off the power to Ukraine’s capital in the middle of winter 2015.

Power grid scholar Michael McElfresh at Santa Clara University discusses what happened to cause hundreds of thousands of Ukrainians to lose power for several hours, and notes that U.S. utilities use software similar to their Ukrainian counterparts – and therefore share the same vulnerabilities.

3. Security work is ongoing

These threats aren’t new, write grid security experts Manimaran Govindarasu from Iowa State and Adam Hahn from Washington State University. There are a lot of people planning defenses, including the U.S. government, as substation attacks are growing across the country. And the “North American Electric Reliability Corporation, which oversees the grid in the U.S. and Canada, has rules … for how electric companies must protect the power grid both physically and electronically.” The group holds training exercises in which utility companies practice responding to attacks.

4. There are more vulnerabilities now

Grid researcher McElfresh also explains that the grid is increasingly complex, with with thousands of companies responsible for different aspects of generating, transmission, and delivery to customers. In addition, new technologies have led companies to incorporate more sensors and other “smart grid” technologies. He describes how that, as a recent power grid report card underscores, “has created many more access points for penetrating into the grid computer systems.”

5. It’s time to ramp up efforts

The depth of access and potential control over electrical systems means there has never been a better time than right now to step up grid security amid a renewed focus on protecting the grid among policymakers and utilities, writes public-utility researcher Theodore Kury at the University of Florida. He notes that many of those efforts may also help protect the grid from storm damage and other disasters.

6. A possible solution could be smaller grids

One protective effort was identified by electrical engineer Joshua Pearce at Michigan Technological University, who has studied ways to protect electricity supplies to U.S. military bases both within the country and abroad. He found that the Pentagon has already begun testing systems, as the military ramps up preparation for major grid hacks, that combine solar-panel arrays with large-capacity batteries. “The equipment is connected together – and to buildings it serves – in what is called a ‘microgrid,’ which is normally connected to the regular commercial power grid but can be disconnected and become self-sustaining when disaster strikes.”

He found that microgrid systems could make military bases more resilient in the face of cyberattacks, criminals or terrorists and natural disasters – and even help the military “generate all of its electricity from distributed renewable sources by 2025 … which would provide energy reliability and decrease costs, [and] largely eliminate a major group of very real threats to national security.”

Related News

• Electricity Forum News

• Grid Technologies News

Australian Rooftop Solar Grid Constraints are driving debates over voltage rise, export limits, inverter curtailment, DER integration, and network reliability, amid concerns about localized blackouts, infrastructure protection, tariff reform, and battery storage adoption.

Key Points

Limits on solar exports to curb voltage rise, protect equipment, and keep the distribution grid reliable.

✅ Voltage rise triggers transformer protection and local outages.

✅ Export limits and smart inverter curtailment manage midday backfeed.

✅ Tariff reform and DER orchestration defer costly network upgrades.

With almost 1.8 million Australian homes and businesses relying on power from rooftop solar panels, there is a fight brewing over the impact of solar energy on the national electricity grid.

Electricity distributors are warning that as solar uptake continues to increase, there is a risk excess solar power could flow into the network, elevating power outage risks, causing blackouts and damaging infrastructure.

But is it the network businesses that are actually at risk, as customers turn away from centrally produced electricity?

This is what three different parties have to say:

Andrew Dillon of the network industry peak body, Energy Networks Australia (ENA), told 7.30 the way customers are charged for electricity has to change, or expensive grid upgrades to poles and wires will be needed to keep solar customers on the grid.

"The engineering reality is once we get too much solar in a certain space it does start to cause technical issues," he said.

"If there is too much energy coming back up the system in the middle of the day, it can cause frequency voltage disturbances in the system, which can lead to transformers tripping off to protect themselves from being damaged and that will cause localised blackouts.

"There are pockets of the grid already where we have significant penetration and we are starting to see technical issues."

However, he acknowledges that excess solar power has yet to cause any blackouts, or damage electricity infrastructure.

"I don't buy that at all," he said.

"It can be that in some suburbs or parts of suburbs a high penetration of solar on the point of use can raise voltage, these issues generally can be dealt with quickly.

"The critical issue is think where you are getting that perspective from. It is from an industry whose underlying market is threatened by customers doing it for themselves through peer-to-peer energy models. So, think with some critical insight to these claims."

He said when too many people rely on solar it threatens the very business model of the companies that own Australia's poles and wires.

"When the customers use the network less to buy centrally produced electricity, they ship less product," he said.

"When they ship less product, their underlying business is undermined, they need to charge more to the customers left and that leads to what has been called a death spiral.

"We are seeing rapid reductions in consumption at the point of use per household."

But Mr Dillon denies the distributors are acting out of self-interest.

"I absolutely reject that claim," he said.

"[What] we, as networks, have an interest in is running a safe network, running a reliable network, enabling the transition to a low carbon future and doing all that while keeping costs down as much as possible."

Solar installers say the networks are holding back business

Around Australia the poles and wires companies can decide which solar systems can connect to the grid.

Small systems can connect automatically, but in some areas, those wanting a larger system can find themselves caught up in red tape.

The vice-president of the Australian Solar Council, Glen Morris, said these limitations were holding back solar installation businesses and preventing the take-up of new battery storage technology.

"If you've already got a five kilowatt system, your house is full as far as the network is concerned," Mr Morris said.

"You go to add a battery, that's another five kilowatts and so they say no you're already full … so you can't add storage to your solar system."

The powers that be are stumbling in the dark to prevent a looming energy crisis, as the grid seeks to balance renewables' hidden challenges and competing demands.

Mr Morris also said the networks had the capacity to solve the problem of any excess solar flows into the grid, and infrastructure upgrades were not necessary.

"They already have the capability to turn off your solar invertor whenever they feel like it," he said.

"If they choose to connect that functionality, it's there in the inverter. The customer already has it."

ENA has acknowledged there is frustration with rooftop system size limits in the solar industry.

"What we are seeing is solar installers and others slightly frustrated at different requirements for different networks and sometimes they are unclear on the reasons for that," Mr Dillon said.

"Limitations are in place across the country to keep the lights on and make sure the network stays safe and we don't have sudden rushes of people connecting to the grid that causes outage issues."

But Mr Mountain is unconvinced, calling the limitations "somewhat spurious".

"The published, documented, critically reviewed analyses are few and far between, so it is very easy for engineers to make these arguments and those in policy circles only have so much tolerance for the detail," he said.

Related News

• Electricity Forum News

• Renewable Energy News

U.S. Power Grid Cybersecurity combats DHS-FBI flagged threats to energy infrastructure, with PJM Interconnection using ICS/SCADA segmentation, phishing defenses, incident response, and resilience exercises against Russia-linked attacks and pipeline intrusions.

Key Points

Strategies, controls, and training that protect U.S. electric infrastructure from cyber threats and disruptions.

✅ ICS/SCADA network segmentation and zero-trust architecture

✅ Employee phishing drills and incident response playbooks

✅ DOE-led grid exercises and threat intelligence sharing

The joint alert from the FBI and Department of Homeland Security last month warning that Russia was hacking into critical U.S. energy infrastructure, as outlined in six essential reads on Russian hacks from recent coverage, came as no surprise to the nation’s largest grid operator, PJM Interconnection.

“You will never stop people from trying to get into your systems. That isn’t even something we try to do.” said PJM Chief Information Officer, Tom O’Brien. “People will always try to get into your systems. The question is, what controls do you have to not allow them to penetrate? And how do you respond in the event they actually do get into your system?”

PJM is the regional transmission organization for 65 million people, covering 13 states, including Pennsylvania, and Washington D.C.

On a rainy day in early April, about 10 people were working inside PJM’s main control center, outside Philadelphia, closely monitoring floor-to-ceiling digital displays showing real-time information from the electric power sector throughout PJM’s territory in the mid-Atlantic and parts of the midwest, amid reports that hackers accessed control rooms at U.S. utilities.

#google#

Donnie Bielak, a reliability engineering manager, was overseeing things from his office, perched one floor up.

“This is a very large, orchestrated effort that goes unnoticed most of the time,” Bielak said. “That’s a good thing.”

But the industry certainly did take notice in late 2015 and early 2016, when hackers successfully disrupted power to the Ukrainian grid. The outages lasted a few hours and affected about 225,000 customers. It was the first publicly-known case of a cyber attack causing major disruptions to a power grid. It was widely blamed on Russia.

One of the many lessons of the Ukraine attacks was a reminder to people who work on critical infrastructure to keep an eye out for odd communications.

“A very large percentage of entry points to attacks are coming through emails,” O’Brien said. “That’s why PJM, as well as many others, have aggressive phishing campaigns. We’re training our employees.”

O’Brien doesn’t want to get into specifics about how PJM deals with cyber threats. But one common way to limit exposure is by having separate systems: For example, industrial controls in a power plant are not connected to corporate business networks, a separation underscored after breaches at U.S. power plants prompted reviews across the sector.

Since 2011, North American grid operators and government agencies have also done large, security exercises every two years. Thousands of people practice how they’d respond to a coordinated physical or cyber event, including rising substation attacks that highlight resilience gaps.

So far, nothing like that has happened in the U.S. It’s possible, but not likely, according to Robert M. Lee, a former military intelligence analyst, who runs the industrial cybersecurity firm Dragos.

“The more complex the system, the harder it is to have a scalable attack,” said Lee, who co-authored a report analyzing the Ukraine attacks. “If you wanted to take out a power generation station– that isn’t the most complex thing. Let’s say you cause an hour of outage. But now you want to cause two months of outages? That’s an exponential increase in effort required.”

For example, he said, it would very difficult for hackers to knock out power to the entire east coast for a long time. But briefly disrupting a major city is easier. That’s the sort of thing that keeps him up at night.

“I worry about an adversary getting into, maybe, Washington D.C.’s portion of the grid, taking down power for 30 minutes,” he said.

The Department of Energy is creating a new office focused on cybersecurity and emergency response, following the U.S. government’s condemnation of power grid hacking by Russia.

Deterrence may be one reason why there has not yet been a major attack on the U.S. grid, said John MacWilliams, a former senior DOE official who’s now a fellow at Columbia University’s Center on Global Energy Policy.

“That’s obviously an act of war,” he said. “We have the capability of responding either through cyber mechanisms or kinetic military.”

In the meantime, small-scale incidents keep happening.

This spring, another cyber attack targeted natural gas pipelines. Four companies shut down their computer systems, just in case, but they say no service was disrupted.

Related News

• Electricity Forum News

• Grid Technologies News

PG&E property tax payments bolster counties, education, public safety, and infrastructure across Northern and Central California, reflecting semi-annual levies tied to utility assets, capital investments, and economic development that serve 16 million customers.

Key Points

PG&E property tax payments are semi-annual county taxes funding public services and linked to utility infrastructure.

✅ $230M paid for Jul-Dec 2017 across 50 California counties

✅ Estimated $461M for FY 2017-2018, up 12% year over year

✅ Investments: $5.9B in grid, Gas Safety Academy, control center

Pacific Gas and Electric Company (PG&E) paid property taxes of more than $230 million this fall to the 50 counties where the energy company owns property and operates gas and electric infrastructure that serves 16 million Californians. The tax payments help support essential public services like education and public health and safety actions across the region.

The semi-annual property tax payments made today cover the period from July 1 to December 31, 2017.

Total payments for the full tax year of July 1, 2017 to June 30, 2018 are estimated to total more than $461 million—an increase of $50 million, or 12 percent, compared with the prior fiscal year, even as customer rates are expected to stabilize in the years ahead.

“Property tax payments provide crucial resources to the many communities where we live and work, supporting everything from education to public safety. By continuing to make local investments in gas and electric infrastructure, we are not only creating one of the safest and most reliable energy systems in the country, including wildfire risk reduction programs and related efforts, we’re investing in the local economy and helping our communities thrive,” said Jason Wells, senior vice president and chief financial officer for PG&E.

PG&E invested more than $5.7 billion last year and expects to invest $5.9 billion this year to enhance and upgrade its gas and electrical infrastructure amid power line fire risks across Northern and Central California.

Some recent investments include the construction of PG&E’s $75 millionGas Safety Academy in Winters in Yolo County, which opened in September. Last year, PG&E opened a $36 million, state-of-the-art electric distribution control center in Rocklin.

PG&E supports the communities it serves in a variety of ways. In 2016, PG&E provided more than $28 million in charitable contributions to enrich local educational opportunities, preserve the environment, and support economic vitality and emergency preparedness and safety, including its Wildfire Assistance Program for impacted residents. PG&E employees provide thousands of hours of volunteer service in their local communities. The company also offers a broad spectrum of economic development services to help local businesses grow.

Related News

• Electricity Forum News

• Energy Policy News