The attack caused "interruptions" in "electrical system operations".
Power was not lost, but the grid operators might have lost "visibility" and been unable to oversee the system for a short period of time. Or the attack might have only affected office functions.
The counties impacted included those containing two major urban areas, Los Angeles and Salt Lake City. It is not known which utility was targeted or how the attackers gained access.
Experts said DoS attacks are relatively simple and the March incident should have been prevented.
The attack highlights the vulnerability of a modern grid to malicious electronic interference.
In a typical DoS scenario, attackers use trojan viruses to harness computers, creating a network of web robots – a botnet – that can swamp a target and make it unavailable to its intended users.
In this case, the attack seemed to target a software flaw that should have been patched.
A Department of Energy (DOE) official said: "The DOE received a report about a denial-of-service condition that occurred at an electric utility on 5 March 2019, related to a known vulnerability that required a previously published software update to mitigate.
"The incident did not impact generation, the reliability of the grid or cause any customer outages."
The official declined to identify the utility or to explain the function of the software involved.