Grid Security Now!

Grid Security Now!

Michael Mabee – Author of The Civil Defense Book

Menu
  • Home
  • Library
    • Grid Security Library
      • Government Documents on Grid Security
      • OE-417 Electric Disturbance Events Database
      • CIP Violation Database
      • Database of Chinese Transformers and Equipment in the U.S. Electric Grid
      • Why Haven’t We Secured the Grid?
      • What is the Electric Grid and How is it Regulated?
      • Grid Protection Posts
      • Video (EMP and Grid Security)
    • Civil Defense Library
      • The cavalry is not coming
      • Civil Defense Posts
      • Video (Preparedness)
      • Civil Defense Checklists
  • In the Press
  • Take Action!
  • Fund The Fight!
  • About Me
    • About Michael
    • Interviews – Michael Mabee
    • Subscribe to Mike’s Blog
    • Contact Me
  • My Book
Menu
Duke Energy Take Action

Duke Energy Notice of Penalty Docket Shut Down!

Posted on August 30, 2019September 1, 2019 by Michael Mabee

 


Duke Energy was fined $10 million for cybersecurity violations – But you don’t have the right to know this!

Would the public be interested in knowing what company was issued a $10 million penalty for cybersecurity violations? Do we have a right to know if companies are endangering our lives, and if our government’s regulatory regime to protect us is effective?

Nope. Not according to the government.

The grid’s non-profit regulator, the North American Electric Reliability Corporation (NERC) imposed the $10 million penalty on January 25, 2019 against unnamed companies that committed 127 violations of Critical Infrastructure Protection (CIP) standards over several years. The press has since outed Duke Energy Corp. as the violator, but neither NERC nor the U.S. government have acknowledged this. The coverup remains.

Numerous citizens wrote to the Federal Energy Regulatory Commission (FERC) requesting the identity of just such a regulatory violator.  The answer from FERC? They refuse to listen to the citizens based on a technicality.

This means, the government has shut down the Duke Energy penalty case without officially revealing who the violator is. And this is not an isolated case.

Duke Energy is just one example in a massive coverup

Since  July of 2010 when the coverup began, there have been 255 regulatory penalty cases for violations of Critical Infrastructure Protection (CIP) standards. These cases have involved almost 1,500 violators and not one identity of a violator has been released to the public dockets. I have filed Freedom of Information Act (FOIA) requests for 253 of the 255 cases so far, but to date, FERC has only released the names of 4 of the violators to me under FOIA. For detailed information on my FOIA battle with all of the documents, click HERE. A few others have been outed by the press, but not one of the almost 1,500 CIP violators has been acknowledged by the government.

Why is this important to you? Because there is significant evidence that the regulatory system that protects our electric grid is broken. In order to determine whether they regulatory system is effective or not, the public, Congress, and state utility regulators need more information on who is violating CIP regulations – and what is being done about it.

Evidence that the regulatory system needs reform

Duke EnergyA review of the publicly available information on these dockets reveals troubling issues; however, without the disclosure of the names of the entities and the text of settlement agreements, it is impossible for the public to fully appreciate how standards violations by utilities place lives at risk. Here are some examples:

  • Since the Metcalf substation attack on PG&E on April 16, 2013, one would think that there would be utility focus on physical security for high voltage transformers – most of which are guarded only by a chain link fence and crossed fingers. So exactly how many enforcement actions would you guess there have been in the last 6 years for “CIP-014” physical security? Only four (4). (See this report for details.)
  • Many of the “penalties” result from settlement agreements (e.g., the “Unidentified Registered Entity” agrees to pay the “penalty” and in many cases does not admit fault for the violation). Without knowing the details of the settlement agreements, the public cannot adequately analyze the terms and penalties, or even identify offending utilities.
  • In some of the cases that were “settled,” the regulated entities were “uncooperative” (FERC Docket NP16-12-000) or “not fully transparent and forthcoming” (FERC Docket NP18-7-000). “Settling” with such bad actors raises many regulatory red flags and the public needs to analyze these FERC-approved transactions in more detail.
  • I have found numerous examples of non-CIP violations that have been redacted. For example, I have found at least four violations of vegetation management standards for transmission lines in the Western Interconnection – the same region where over 86 deaths occurred in the “Camp Fire” – the deadliest and most destructive wildfire in California history. This is the same region where a “regulated entity” (PG&E) has significant liability for wildfires. The public has a right to know who standard violators are, especially when the standards violations may have resulted in dozens of deaths.
  • The total penalties between July 2010 to August 2019 for CIP violations have been $35,825,920. Is this a large or small amount? Well, the electric utility industry spent $145,139,140 in lobbying and political contributions in 2018 alone. (So I’d say it is a small amount of penalties for a 9 year period.)

After this NERC cover up started in July of 2010, there has been less incentive to fix the grid security problems. That’s why disclosure is important. Why should utilities spend money to fix grave cybersecurity and physical security issues if they know that 1) if caught, the friendly regulator will “settle” the violation privately and the settlement agreement will be kept secret, 2) the utility can negotiate a trivial fine, and 3) the utility’s name will not be disclosed to the public?

We need citizen’s to take action!

Duke EnergyThe Secure The Grid Coalition is fighting to fix the electric grid’s broken regulatory scheme that is endangering all of us. We need your help.

On August 27, 2019, the Federal Energy Regulatory Commission published a “white paper” on the issue of disclosing the names of CIP violators. In an email FERC noted:

The Commission has recently received an unprecedented number of FOIA requests for non-public information in CIP NOPs.  Consistent with its regulations, Commission staff has released the identity of UREs in some limited cases where the Commission staff has determined that the release will not jeopardize the security of the Bulk-Power System if publicly disclosed.  The significant increase in FOIA requests for non-public information in CIP NOPs has raised security and transparency concerns within industry and the general public, which has prompted Commission and NERC staffs to re-evaluate the format of CIP NOPs filed with the Commission.  The current filing format, containing detailed violation information, when coupled with the potential release of URE identities, may not be achieving an appropriate balance of security and transparency.  The White Paper proposes a revised format that is intended to improve this balance.

FERC is accepting comments on this white paper (FERC Docket No. AD19-18-000) until September 26, 2019. We need to all let the Federal Energy Regulatory Commission (FERC) know that the security of the electric grid is critical – secret regulation and coverups are unacceptable to the public. As a citizen, you have the right to file a comment in this docket and be heard!

Tell the Commission in your letter that the public has the right to know the names of companies that violate the regulatory standards and we need sufficient details to make sure that the regulatory system is working!

The deadline to file on this docket is September 26, 2019 so write your letter today and submit it online to FERC Docket Number AD19-18-000, or mail it in to FERC (Be sure to include the Docket Number in your letter).

Submit to FERC online HERE (you need to register if this is your first time)

or, submit by mail:

Federal Energy Regulatory Commission
Kimberly D. Bose, Secretary
ATTN: Docket No. AD19-18-000
888 First Street, NE
Washington, DC 20426

###


Read More on the CIP Coverup:

  • CIP Coverup: The Proverbial Cat is Out of the Bag
  • UPDATED: CIP Violation Database and FOIAs
  • Regulatory Mutiny: The Grid Just Threatened FERC
  • Physical Security: The Electric Grid’s Dirty Little Secret
  • FERC Must Make A Choice
  • Grid Coverup: NERC’s “Double Secret Probation” of CIP Violators Continues
  • NERC’s “Cybersecurity Incident” Shell Game
  • NERC Coverup Investigation Report
  • Dear Senators Murkowski and Manchin…
  • Transmission Vegetation Management Cover Up?
  • FERC Commissioner Cheryl LaFleur: Step Up on Grid Security or Step Down!
  • Electric Grid Cyber Cover-Up: More Details Emerging
  • These “Unidentified Registered Entities” Endangered the Electric Grid
  • PG&E endangered the grid – and tried to cover it up
  • Now It’s a FERC Cover-Up
  • A NERC Cover-Up? Who Put the Electric Grid at Risk?



 

News

  • How to Fix Electric Grid Security
  • U.S. Continues to Import Large Transformers from China
  • 60 Minutes – How secure is America’s electric grid?
  • COVERUP UPDATE: CIP Violation Database and FOIA Lawsuit
  • Q: How Did We Become So Vulnerable?
  • Rate Recovery: How Electric Customers Fund Industry Lobbying
  • Energy Sector Supply Chain Review – U.S. Department of Energy
  • Criminally Negligent Homicide in February 2021 Texas Blackout Deaths?
  • Chinese Transformer Threat Now Confirmed by Two Administrations
  • Secretary of Energy Advisory Board: Comments of Michael Mabee
  • Electricity Advisory Committee: Comments of Michael Mabee
  • How the electric utility industry torpedoed grid security
  • Chinese Transformer Complaint Filed with U.S. Government
  • U.S. Electric Grid Imports More Chinese Transformers in 2020 and 2021
  • Recent Grid Threats: Frank Gaffney and Michael Mabee Break It Down
  • Secret Penalties: The Electric Grid Is Making You Pay Their Fines
  • Government Misses the Boat on Grid Security – Again
  • Critical Electric Infrastructure – The Government Must Step Up
  • FERC Dismisses Texas Grid Collapse Complaint
  • FERC Office of Public Participation: End the Electric Industry Coverup
  • Testimony of Michael Mabee on SB 1606 – All Hazards Grid Security
  • Federal Complaint Filed on Texas Grid Collapse
  • We Are Plugged In To Life Support
  • Texas Blackout: The Unacceptable Outcome of a Foreseeable Event
  • Chinese Transformers in the Electric Grid: Lights Out For NYC?
  • Message to Governor Jennifer Granholm and the Department of Energy
  • Chinese Transformers in the Electric Grid
  • The U.S. Has 300 Chinese Large Power Transformers
  • Senator Murkowski Questions Cybersecurity Order Suspension
  • Grid Supply Chain Cybersecurity Order “Suspended”

Fund The Fight!


Subjects

Search Website

Subscribe for Updates!

Follow me on Twitter

Tweets by CivilDefenseBK

Click To Get Prepared!

The Civil Defense Book: Emergency Preparedness for a Rural or Suburban Community
The Civil Defense Book Get it now!

Subscribe for updates

Follow Me On Facebook

The Civil Defense Book

9 months ago

The Civil Defense Book
Bradford Clark Freeman, the last surviving member of Easy Company's Band of Brothers, dies at 97apple.news/AkFt2MfXqTCWTe4KGOFDOPg ... See MoreSee Less

Bradford Clark Freeman, the last surviving member of Easy Company's Band of Brothers, dies at 97 — CNN

apple.news

Bradford Clark Freeman, believed to be the last surviving original member of the historic World War II parachute infantry regiment of the US Army known as Easy Company, died Sunday in Columbus, Missis...
View on Facebook
· Share

Share on Facebook Share on Twitter Share on Linked In Share by Email

The Civil Defense Book

9 months ago

The Civil Defense Book
Here Comes the Sun—to End Civilizationwww.wired.com/story/sun-storm-end-civilization/ ... See MoreSee Less

Here Comes the Sun—to End Civilization

www.wired.com

Every so often, our star fires off a plasma bomb in a random direction. Our best hope the next time Earth is in the crosshairs? Capacitors.
View on Facebook
· Share

Share on Facebook Share on Twitter Share on Linked In Share by Email

Fund The fight!


©2023 Grid Security Now! | Theme by SuperbThemes