In November 2021, a hacker using ransomware took down nearly the entire computer network at an electric cooperative in Colorado. The highly invasive cyberattack disabled not only Delta-Montrose Electric Association’s phone and email systems, but also the co-op’s customer management platform, meter data management system, mapping capability, and file servers.
Fortunately, the co-op managed to keep electricity flowing to members, but it took months to rebuild its network from the ground up. In the meantime, the co-op struggled with basic functions, including billing, because its meter-reading system was down.
In the spirit of the cooperative principle of Cooperation Among Cooperatives, Delta-Montrose has shared its story with co-ops around the country to help them avoid similar scenarios. Since October is national Cybersecurity Awareness Month, Greg Niese, director of information technology for Ohio’s statewide association of electric co-ops, says it’s an ideal time for co-ops (and their members) to use those lessons to focus on protecting their own computer and digital systems.
“We look at cybersecurity like we look at workplace safety. It’s a key component in everything we do, and it’s part of everyone’s job, from the top down.”
“We look at cybersecurity like we look at workplace safety,” Niese says. “It’s a key component in everything we do, and it’s part of everyone’s job, from the top down.”
Cybersecurity is more critical now than ever, Niese says, as the same new technology that enhances co-ops’ ability to serve their members also brings additional risks for cyberattacks. The electric grid as a whole is being targeted more and in different ways than ever before — and not just by small groups or individuals, but by hostile nations looking for ways to infiltrate critical infrastructure in the U.S.
“If systems used to manage the grid are attacked, operations can be compromised,” Niese says. “Cyberattacks — especially ransomware — can cripple core systems, including meter data management and automated meter reading systems, customer service platforms, grid control systems, and communication networks. That kind of disruption can do anything from delaying billing to interrupting power delivery altogether — any number of things that erode members’ trust.”
Niese and his team at OEC support information technology professionals at local co-ops to make sure cyber defenses are robust, effective, and up-to-date in an ever-evolving landscape of threats.
“We don’t dictate co-op policies and procedures, but we help each co-op understand where they are in their cybersecurity position,” Niese says. One such effort is RECAP, the Rural Electric Cyber Advancement Program, which involves a team of IT professionals conducting independent assessments at each co-op and identifying top priorities for improvement. “We make use of national standards from the Department of Energy or the National Institute of Standards and Technology to form a task list to help our co-ops prioritize and focus their efforts to effectively improve their cybersecurity.”
Through RECAP and other resources, such as the National Rural Electric Cooperative Association’s Cyber Goals program, co-ops are able to benchmark and improve their cyber posture, conduct regular assessments and tabletop exercises, and share threat intelligence and best practices.
“We see a lot of information sharing, both nationally and throughout the state,” Niese says. “We all participate in industry programs and training.”
But cybersecurity isn’t just a technology issue, Niese says — and it’s not just the responsibility of IT professionals.
“It’s a people issue,” he says. “Phishing, weak passwords, and poor cyber hygiene are common entry points for attackers. This makes training and awareness critical not only for co-op employees but also their members.” So co-ops continually educate staff on the latest cybersecurity issues and provide regular training on best practices and the importance of adhering to security protocols, cultivating internal cultures of cybersecurity awareness.
Communication from co-ops to members is also important, both to reassure members that co-ops take cyber threats seriously and to remind them to keep their own systems and data safe.
“After the Delta-Montrose cyberattack, their members lost a degree of trust,” Niese says. “Members expect transparency, modern protections, and communication, and we want them to know that their cooperative is constantly working to protect its own cyber resources and also keep its members’ data safe.”
