About 3:30 in the afternoon last December 23, operators at three electric utilities halfway around the world in western Ukraine found themselves not to be solely in control of their computer terminals. Someone from outside the utilities had taken over the controls and started opening circuit breakers at more than 27 substations, cutting power to more than 200,000 customers. Thousands of fake calls clogged utility switchboards, preventing people from phoning in to get information about the outage. Utility workers switched to manual operations, and it took three hours to restore power.
That’s not a movie plot. And if you missed or forgot about that news report from last year, people who run electric utilities have not. Attention to cyber security at electric utilities has been growing fast in the past few years, and the Ukraine attack pushed that trend into overdrive.
“It’s garnered a lot of attention from the federal government and throughout the industry,” says Barry Lawson, Associate Director of Power Delivery and Reliability for the National Rural Electric Cooperative Association (NRECA).