Federal energy regulators on Thursday ordered a study to determine if security standards need to be improved following recent attacks on electrical facilities, including one in North Carolina.
A nonprofit called the North American Electric Reliability Corporation (NERC) sets standards for the power industry. The Federal Energy Regulatory Commission, or FERC, gave the organization four months to deliver a report on the effectiveness of current physical security standards and whether they should be revised.
FERC chairman Rich Glick said the study is needed because of an increasing number of attacks on the nation's electrical infrastructure.
“It is important that we fully and clearly review the effectiveness of our existing physical security standard to determine whether additional improvements are necessary to safeguard the Bulk Power System," Glick said in a statement.
FERC's action was prompted by the Dec. 3 attack in Moore County, where gunfire knocked out two Duke Energy substations and forced the shutdown of a third substation. That knocked out power to about 45,000 customers and left thousands without power for up to five days. Authorities are still investigating the incident and have not named any suspects or a motive for the attacks.
FERC approved the current physical security reliability standard in 2014. Thursday's order asks NERC to study "the effectiveness of the current physical security standard, specifically how physical security protections are being applied, whether improvements to existing requirements are necessary, and whether some minimal level of physical security protections should be required for all Bulk Power System stations, substations and associated primary control centers."
The North Carolina attacks have prompted concern from grid security experts, who describe power grid security as America's "Achilles' heel." Gov. Roy Cooper said the attacks signal "a new level of threat."
Duke Energy officials told state regulators last week that they would use what they've learned from the Moore County attacks and decide if they need to change any of their current security measures.
