Power Grid Preparedness Falls Short, Report Says

Nearly all the utilities that participated in two-day exercise last November to test the preparedness of the power grid for online and physical attacks said that their planning was not good enough, according to a report by the North American Electric Reliability Corporation, which organized the drill.

But the participants, more than 2,000 of them from across the United States, Canada and Mexico, said the exercise taught them lessons about whom they would need to communicate with in an attack, and where their vulnerabilities were.

The report had few details, because organizers said they did not want to provide a road map about the shortcomings and because they had promised to limit the scope of their evaluation to induce utilities to participate. But the reliability group is communicating with the utilities individually about their performances.

The drill provided “a one-two punch between cyber and physical security avenues,” said Bill Lawrence, manager of critical infrastructure protection awareness at the electric reliability corporation, which is charged by the government with enforcing standards of conduct on the grid.

In the drill, participants spent a morning simulating 12 hours of attacks, then completed another 12 hours in the afternoon. On the second day, industry executives and government officials conducted a “tabletop exercise” to explore when the federal government might step in during a coordinated attack.

The drill was called Gridex II, short for Grid Exercise. It was more than twice the size of the first one two years ago and participation exceeded the organizers’ expectations, reflecting wider anxiety about the grid as a vulnerable national asset. Another exercise is planned for 2015.

More From The New York Times: