[Ed. – This happened in March 2019, and has been known about for a while. Apparently it didn’t result in any down-time for the power utilities affected. The concern appears to be that the cyber-penetration was effective, demonstrating that such access is not just possible but has already happened. H/t: Wired]
The unprecedented cyber disruption this spring did not cause any blackouts, and none of the signal outages at the “low-impact” control center lasted for longer than five minutes, NERC said in the “Lesson Learned” document posted to the grid regulator’s website.
But the March 5 event was significant enough to spur the victim utility to report it to the Department of Energy, marking the first disruptive “cyber event” on record for the U.S. power grid (Energywire, April 30).
The case offered a stark demonstration of the risks U.S. power utilities face as their critical control networks grow more digitized and interconnected — and more exposed to hackers. “Have as few internet facing devices as possible,” NERC urged in its report.