A wave of terrorist attacks on electric grid substations across the country, including six in the Pacific Northwest, have federal emergency responders on edge and local power entities eying security upgrades.
The attacks, which occurred in late November and early December, brought arson, guns, break-ins and more to high-voltage substations owned and operated by Puget Sound Energy (PSE), the Bonneville Power Administration (BPA), Cowlitz County Public Utility District and Portland General Electric.
Local branches of the FBI are investigating the attacks in Washington and Oregon, as well as an early December attack in Moore County, North Carolina, though the Bureau is unable to release details about an active investigation.
“The FBI remains vigilant and works closely with our law enforcement partners on a daily basis to detect, disrupt, and dismantle any threats that may emerge,” said FBI Seattle Spokesperson Amy Alexander. “As always, we ask members of the public to report anything they consider suspicious to law enforcement.”
Though few details have been released, they know several of the attacks were intentional.
“We had a substation attacked in Clackamas, Oregon,” said Doug Johnson, the senior spokesperson for BPA. “We’re not sharing specifics about the damage, but we do know it was deliberate.“
Though Johnson was unable to confirm specific details about the attack, Oregon Public Broadcasting (OPB) and KUOW Public Radio obtained a security memo from BPA with details earlier this month.
At the Clackamas site, OPB and KUOW reported, two people cut through the fence surrounding a high-voltage substation, then used “firearms to shoot up and disable numerous pieces of equipment and cause significant damage.”
The Clackamas attack mirrored the Dec. 3 terrorist incident at two substations in North Carolina that left more than 45,000 people without power. Ronnie Fields, the sheriff in the region where the attacks happened, said a suspect drove up to two Duke Energy power substations before using firearms to disable the structures.
The BPA memo made reference to the attacks on western Washington substations, and said incidents included “setting the control houses on fire, forced entry and sabotage of intricate electrical control systems, causing short circuits by tossing chains across the overhead buswork, and ballistic attack with small caliber firearms.”
The next step, Johnson said, was looking at security measures and upgrades around their sites.
“We’re looking at our security and reviewing potential measures for additional protection,” he told Cascadia Daily News. “This is potentially dangerous for everybody.”
Demand on the existing electric grid continues to rise, particularly during extreme weather events like last summer’s heat wave and ongoing snowstorms in the region. In Texas, energy companies spent the summer pleading with residents to not use large appliances or air conditioning during soaring temperatures.
In Ohio, power grids were strained this year when temperatures hit 100 degrees and almost 200,000 residents were without power. In Nebraska, rolling blackouts last winter meant Omaha residents faced temperatures 23 below zero without heat when the grid failed.
Losing existing substations could be catastrophic.
“This can have serious public safety consequences,” Johnson said. “You think about all the things people use electricity for: medical devices that require electricity; people’s homes don’t work; streetlights don’t work.”
The suspects in the attacks, as well as the motives, are unknown, but extremist groups, including white supremacy groups, increasingly view attacking the power grid as a means of disrupting the country, according to a January report from the Department of Homeland Security’s Office of Intelligence and Analysis.
Terrorist and extremist groups “have developed credible, specific plans to attack electricity infrastructure since at least 2020,” according to the report.
CBS News, via "60 Minutes," has reported extensively on potential vulnerabilities to the U.S. power grid, including threats as complex as cyber warfare and as simple as homegrown terrorism with vandals using common rifles.
PSE was unable to confirm where the attacks occurred in western Washington, but none of them occurred at substations in Whatcom County, according to Deb Slater of the Whatcom County Sheriff’s Office.
The presence of local heavy industry, fed by an extensive network of transmission lines from hydro dams and other significant power generators, makes Whatcom County home to an extensive — and potentially vulnerable — electric infrastructure.
“PSE has extensive measures to monitor, protect and minimize the risk to our equipment and infrastructure,” a PSE spokesperson said. “The methods PSE utilizes to protect its substation assets and infrastructure depends on a variety of factors, including governmental requirements and/or guidelines required for all regulated utilities.”
PSE declined to answer additional questions about security upgrades or the location of attacks.
Current state regulation requires specific precautions to be taken, according to Washington Code 296-45-475.
Last week, the Federal Energy Regulatory Commission (FERC) ordered the North American Electric Reliability Corporation (NERC) to review existing security rules for substations and control stations across the country.
“One, it reminds us that we need to take physical security into account just as we do cyber security,” FERC Chairman Richard Glick said last week at the commission meeting, cautioning that the motives for the Moore County attack and some similar incidents elsewhere remain murky and under investigation by local and state law enforcement.
“But in the meantime, I think it’s a good idea and this is a good step of trying to reassess our existing physical security standards and whether changes need to be made.”
The NERC report will be delivered to FERC within 120 days.
This story was updated at 3:30 p.m. Dec. 22, to include an additional credit.