Truth, Inspiration, Hope.

Attacks on American Energy Infrastructure Peaked in 2022; Over 100 Incidents Reported

Published: December 29, 2022
In an aerial view, a Pacific Gas & Electric (PG&E) electrical substation is visible in front of the city skyline on Jan.26, 2022 in San Francisco, California. The Department of Homeland Security (DHS) is warning that domestic extremists have been developing specific plans to target electrical infrastructure in the United States. (Image: Justin Sullivan/Getty Images)

Attacks on American energy infrastructure have surged to a decade-high as suspected extremists, vandals and cyber criminals unleash both physical and computerized assaults on the nation’s electricity grid. 

According to federal records, from January until August 2022 a total of 101 reports of attacks on the American electricity grid were reported, outpacing 2021 when 97 incidents were logged, POLITICO reported. 

The 2022 tally doesn’t include the year’s most high profile incident where 45,000 people were left in the dark in Moore County, N.C. after two Duke Energy substations were shot at and damaged.

On Christmas Day, 14,000 Americans lost power in Washington state after vandals attacked four Tacoma Public Utilities and Puget Sound Energy substations. According to a statement by the Pierce County Sheriff’s Department, released on Christmas Day, no suspects have been apprehended. 

“It is unknown if there are any motives or if this was a coordinated attack on the power systems,” the Sheriff’s Department said. 

So far, authorities have only been able to speculate on the motives behind the attacks and no group has come forward to claim responsibility nor have any suspects been apprehended. 

Richard Glick, chair of the Federal Energy Regulatory Commission (FERC) told reporters last week that there is “no doubt” that attacks on the electricity grid have surged this year and questioned whether there was “something more sinister going on.”

In a meeting on the matter in December FERC said it would direct resources to analyzing whether more regulations are in order to protect critical infrastructure, however federal authorities do not have jurisdiction over local electrical substations and distribution lines, the type of equipment damaged in the North Carolina attack. 

FERC Commissioner, Willie Phillips, asked in early December, “Are we going to have armed guards at every substation, every transformer in the country, in order to make sure this doesn’t happen?”

Despite measures implemented over the past two decades by utilities, federal agencies and state regulators to harden the grid, experts say the critical infrastructure remains more vulnerable than ever. 

Jonathan Monken, who was responsible for overseeing system resilience at PJM Interconnection, which covers power distribution for 13 states, told POLITICO, “If somebody really wanted … to create a blackout in a certain area to achieve whatever social, cultural, political objectives, it’s fairly easy to get access to that information right now — and the tools necessary to execute it are readily available.”


Majority of attacks failed

According to a collection of incidents reported to the Department of Energy (DOE) the mass majority of attacks resulted in no outages. 

Only four attacks, in Texas, Montana, Florida and Washington state were classified as cybersecurity matters. These attacks impacted more than 22,000 customers. 

Information on just how many attacks have occurred is muddy as reporting requirements for incidents that don’t cause a disruption in service are unclear. 

One incident that falls into this gray area was another shooting in South Carolina on Dec. 7 when a Duke Energy hydropower facility was attacked; however there was no disruption in service.

According to CBS News, company employees witnessed a gunman opening fire on the facility at the Wateree Hydro Station in Ridgeway, before fleeing in a truck.

Monken told POLITICO, “To some degree the ambiguity is intentional because all scenarios cannot be accounted for, and DOE wants to avoid reporting overload that would just create a lot of ‘white noise’ that could obscure meaningful intelligence collection.”

An anonymous official told POLITICO that utilities have to make “judgment calls” whether or not to report when they come under attacks that don’t interrupt service.

“Generally, the electricity sector in particular is very cognizant of security … and they are very open to sharing information. And so we do see that they generally share more things out of an abundance of caution, which is encouraged,” the official said. 

The inconsistent reporting suggests that many more attacks on the electricity grid go unreported, shrouding the true nature of the matter.

While the NERC does not provide information on specific events, and publicly available data does not detail which incidents involved gunfire they do classify incidents into one of three scenarios; either, a “physical attack”, “physical threat” or “actual damage.”

Federal regulations do dictate how utilities protect their systems against attacks but mostly focus on large targets like major substations and transformers, which, if attacked in a coordinated way, could cause massive disruptions. 

Attacks are suspected to continue to soar as the electricity grid expands over the coming decades to accommodate higher loads as the economy continues to attempt to electrify. 

Emile Thompson, chair of the D.C. Public Service Commission told POLITICO, “With more and more [distributed energy resources] going up … there’s going to be an issue of additional transmission, say, that creates additional vulnerabilities,” adding that, “And then, of course, those assets themselves are vulnerable. And so how do you ensure that a solar field in the middle of the country is adequately protected? Same issue you would have with some type of power plant, but now you just have many more smaller assets.”