Definitely one of our nations backbones that needs protected…..
Policymakers are searching for ways to defend the nation’s power grid from a major cyberattack, amid concerns the industry’s digital defenses are dangerously lagging and underfunded.
Security experts warn that energy companies, while attuned to the threat, are scrambling to play catch-up, leaving the all-important power grid exposed to hackers.
On Capitol Hill, the threat of a major power grid hack has mostly gone with little notice, sidelined by the bold cyberattack on Sony Pictures Entertainment, a series of hacks across the health insurance industry and the devastating intrusions at the Office of Personnel Management (OPM), thought to be the largest ever digital theft of government data.
But while the chances of a headline-grabbing cyberattack hitting the energy system remain minimal, the damage could easily surpass any of the digital assaults that have driven the cyber talks on Capitol Hill this year.
“Just because something is a low probability doesn’t mean it’s going to be low impact,” said Stephen Boyer, co-founder of security firm BitSight.
“The whole idea of the grid is crucial,” emphasized Rep. Sheila Jackson Lee (D-Texas), who is backing a bill to prioritize power grid cybersecurity. “It is the backbone of America’s industry and social life or quality of life for our citizens. Therefore a grid that is attacked is your water, it’s your sewer, it’s your electricity.”
And according to researchers, the industry isn’t fully prepared to stymie sophisticated hackers.
“There are definitely some risks and some gaps,” said Boyer, whose company rates cybersecurity preparedness at thousands of firms, including many within the energy and utilities sector. “Those that are making policy decisions need to account for that when we’re trading off where we’re going to make investments.”
In recent years, cyber spies and overseas hackers have increasingly turned their attention to the U.S. power grid. In 2014, the energy sector was the most targeted of the nation’s critical infrastructure industry sectors, accounting for a third of cyber incidents, according to a government report.
National Security Agency (NSA) Director Adm. Michael Rogers acknowledged in a congressional hearing that China and likely “one or two” other countries are currently sitting on the grid, with the ability to literally turn out the lights if they wanted to.
Rogers said these states, which likely include Russia and possibly Iran, “are deterred only by the fear of U.S. retaliation.”
But, he added, “We can’t count on the fact that less rational actors might also gain access to those critical systems.”