Classified information about the physical security systems of the U.S. electrical grid was leaked by the country’s top energy regulatory commission, according to a government watchdog report.
The Energy Department inspector general reports that classified information about electrical grid security was mishandled by officials on the Federal Energy Regulatory Commission (FERC), the nation’s grid regulator.
The IG found that at least one FERC presentation contained information that should have been classified, was handled by commission employees who did not have proper clearance and was given to federal and industry representatives in non-classified settings.
“As you are aware, the materials in question raise concerns with the security and integrity of our Nation’s critical energy infrastructure, including the Nation’s power grid,” the IG reported. “We are especially concerned with reports that the document that was not properly classified and may currently be stored on unclassified Commission servers, as well as on current and former Commission employees’ desktop computers, laptops, portable electronic devices, and copiers.”
The report comes in the wake of a Wall Street Journal report that the government was investigating an April 2013 attack on a power substation near San Jose, California where gunmen did millions of dollars’ worth of damage and nearly took out the power to the region.
Alaska Republican Sen. Lisa Murkowski wrote to the Energy Department’s IG last month to find out how classified information was leaked to the WSJ and for the watchdog to examine the legal responsibility that former FERC commissioners and employees have to keep sensitive grid information secret.
“This was a dangerous leak of highly sensitive information that should have been classified and closely guarded,” Murkowski said in a statement following the release of the IG’s report.
“Unfortunately, it’s now clear that under its previous leadership, FERC mishandled information that should have been classified,” she added. “At best, a disclosure such as this has national security implications. At worst, it could endanger us all.”
The Federal Energy Regulatory Commission’s Acting Chairman Cheryl LaFleur “indicated to us that she has reviewed the management alert and has instructed Commission staff to implement its recommendations promptly, and to give them top priority,” according to the IG’s report. The IG’s review of the electrical grid leaks is ongoing.
The attack on the Metcalf power substation in April 2013 came very close to shutting down the electrical grid for Silicon Valley. The WSJ reported that in the 30 minute attack “snipers opened fire on a nearby electrical substation. Shooting for 19 minutes, they surgically knocked out 17 giant transformers that funnel power to Silicon Valley. A minute before a police car arrived, the shooters disappeared into the night.”
“This wasn’t an incident where Billy-Bob and Joe decided, after a few brewskis, to come in and shoot up a substation,” Mark Johnson, a retired vice president of transmission for the utility PG&E, the company operating the Metcalf substation. “This was an event that was well thought out, well planned and they targeted certain components.”
Regulators and the utility industry have long worried about the physical security of the U.S. electrical grid, but there is disagreement on how much more can be done to keep the grid safe. FERC has already required utilities to establish minimum security standards for the grid.
“I don’t want to downplay the scenario [a former FERC commissioner] describes,” Gerry Cauley, chief executive of the North American Electric Reliability Corp., a body that reports to FERC. “I’ll agree it’s possible from a technical assessment.”
Cauley said that even if some substation were taken offline, most people would have their power back within a few hours. A more pressing worry form utilities is the threat of cyber attack on the grid. There have been 13 reported cyber incidents in the last three years, according to the WSJ, though no major outages have yet been linked to these events.
The WSJ also notes that there were “274 significant instances of vandalism or deliberate damage in the three years, and more than 700 weather-related problems.”Facebook and Twitter, and follow our friends at RepublicanLegion.com.
Become an insider!
Sign up for the free Freedom Outpost email newsletter, and we'll make sure to keep you in the loop.