More than 250 organizations took part last week in GridEx VII, the seventh edition of the biennial exercise focusing on the security of the electrical grid in the United States and Canada.
GridEx is organized by the Electricity Information Sharing and Analysis Center (E-ISAC) at the North American Electric Reliability Corporation (NERC) and is the largest grid security exercise in North America.
GridEx VII focused on testing crisis response and recovery plans for cyber and physical threats targeting the electrical grid.
A report detailing the exercise and lessons learned, which will help improve the security of the grid, is expected to be released in the first quarter of 2024.
The report published for the 2021 GridEx exercise revealed that the previous edition’s objectives included strengthening coordination between the US and Canada, as well as coordination between the electric sector and the natural gas and telecoms sectors.
Other objectives focused on the handling of misinformation, and response to a supply chain-based compromise of critical components.
Attacks aimed at power grid systems are not uncommon. Mandiant reported recently that the notorious Russian threat group Sandworm used novel OT attack techniques in an operation that caused an unplanned power outage in Ukraine.
In September, Symantec reported that a China-linked threat actor maintained access to a compromised national power grid in Asia for as long as six months.