North Carolina blackout highlights growing grid security problem

40,000 citizens of North Carolina lost power on Saturday night after two Duke Energy substations suffered what law enforcement have described as a “coordinated” physical attack involving rifle fire, damaging hard to replace high voltage transformers.

Major media outlets immediately picked up on the story – elevating America’s attentiveness to the prospect of physical attacks and the vulnerabilities of grid infrastructure. In fact, these attacks happen much more frequently than most people realize.

Physical attacks on the U.S. grid occur at a frequency of more than one per week according to Michael Mabee, who tracks data on electric outages reported to the Department of Energy (DOE)..

According to Mabee’s analysis of DOE data, from January 1, 2010, through August 2022, there have been at least 919 physical attacks on the U.S. grid and the rate of attacks is increasing.

In some cases, these acts of sabotage are criminal and involve the theft of copper.  This is a worldwide problem that has resulted in outages in locales ranging from Pittsburgh to Arkansas, and from London to Malaysia and have even led some utility service providers to declare that “substation copper theft has become a crisis.”

For example, after thieves in New Orleans damaged a local substation to steal copper this summer, its utility – Entergy – admitted that this sort of vandalism happens “often enough” that the industry has to spend “a lot of time and resources” guarding against it.

In other cases, such as the well-documented 2013 attack in on the Pacific Gas & Electric (PG&E) Metcalf substation in San Jose – the attackers did not want to steal copper but rather sabotage the grid, causing costly, life-threatening blackouts. Despite promises from PG&E to improve security, the same substation was breached again in 2014.

Media photos involving the NC outage showed that at least one substation gate was knocked down, suggesting that the attackers gained entry to the substation – a clue that they may have been targeting it for theft of valuable components.  However, the fact that they attacked two substations – including a larger one that services the “transmission” part of the grid – suggests that the motive may have been to take down the power and keep it down for a long time.

Some social media users alleged the sabotage was the result of “right-wing extremists” seeking to disrupt a scheduled drag show event, which was being held in Southern Pines, NC and which had been a source of community tension in recent weeks. Despite that Moore County Sheriff Ronnie Fields said there was “no evidence” to support such a claim, social media accounts, including some linked to the left wing extremist network Antifa, continued to spread the allegation online resulting in the claim being picked up by local and national media.

Regardless of who perpetrated the attack, given the dire consequences, many Americans are questioning why the utility industry leaves substations vulnerable to vandalism, physical sabotage and rifle fire. Tall concrete barriers protect neighborhoods from highway noise, but vital transformer substations are often guarded by nothing more than an old chain link fence.

Frustration over the electric industry’s lack of focus on security reaches the highest levels of national security. As former Director of Central Intelligence, Ambassador R. James Woolsey told to the Federal Regulatory Commission (FERC) “Americans witness daily the unguarded status of critical electric utility assets, as do our enemies.”

Woolsey’s letter –in response to a complaint to FERC– pointed out how industry lobbying convinced regulators to exempt extremely important assets from the physical security standard, including “all generation plants, most high voltage transformers, transmission lines and the grid’s master control rooms.”

While FERC ultimately dismissed the complaint, the movement to prioritize protection of the electric grid continues to grow.  A forthcoming documentary, “Grid Down, Power Up,” seeks to raise awareness about the grid’s vulnerabilities and educate citizens about how they can help break policy logjams and enhance grid security despite industry opposition.

Until changes are made to security standards however, it is likely to be local emergency planners and individual citizens who are left to deal with the consequences of power outages. Moore County North issued an emergency declaration December 5 imposing a 9:00 pm curfew on all residents, and opened a community emergency shelter. Shops and schools have remained closed, apart from a handful of businesses able to operate on back-up generator power. Citizens have been asked to carefully limit fuel usage.

As the Center for Security Policy noted in a February 2022 report warning of a potential increase in national security threats to critical infrastructure, local emergency planners are a vital part of establishing resilience and responding after an attack on critical infrastructure. In particular, the Center advised local community leaders to review and implement “best practices” established by the Department of Homeland Security’s Resilient Power Working Group, encourages participating in regional networks devoted to sharing information about protecting critical infrastructure such as InfraGard, and preparing first responder communication plans with long-term power outages in mind.