The electric power grid in the United States is highly vulnerable to cyberattacks and other threats, concluded a report issued on Wednesday by Congressmen Ed Markey (D-MA) and Henry Waxman (D-CA).
“More than a dozen utilities” reported that deliberate cyber attacks have occurred daily, with one utility reporting 10,000 attacks each month. The report also focuses on vulnerability to geomagnetic storms. Congressional staff queried 150 power utilities in preparing their findings.
The paper’s authors assert that most utilities have not responded adequately to voluntary standards for cybersecurity to prevent such attacks, leaving them unprepared and susceptible. They note that when security standards are made mandatory, as was the case with the response to the 2010 Stuxnet computer worm, utilities’ responses have been much more thorough, but that other important, but voluntary, standards often go largely ignored. Markey and Waxman have sought Congressional action, including making compliance with stronger standards mandatory for utilities.
Another key finding noted that spare parts, especially the large transformers that are critical to delivering power to home and business customers, are in acutely short supply. “It is unclear whether sufficient spare transformer capacity exists to maintain operations in the event of a sector-wide cyber-attack or other widespread reliability challenge,” the report found. Very few utilities reported owning spare transformers or even being aware of spare transformers they could have access to if necessary.
The authors have advocated legislative solutions, including giving the Federal Energy Regulatory Commission greater authority to require utilities to comply with tougher standards for cybersecurity. They argue that the body currently responsible for such standards, the North American Electric Reliability Corporation, is too slow and inefficient to respond adequately to rapidly-evolving grid security vulnerabilities. The increased authority they propose would require Congressional action.
Power interruptions that could result from such incidents are costly not only to the nation’s economy and society, but potentially to national security as well. The Government Accountability Office observed in 2009 that of the Department of Defense’s most critical assets, 31 rely on commercially-operated grids for their primary source of electricity.
Some industry groups, including the National Rural Electric Cooperative Association (NRECA) and American Public Power Association, were critical of the report’s findings, calling them alarmist and based on questions too narrow or concerning information too sensitive to be answered adequately. “In an environment where the risks change rapidly, better information sharing and continuously updated training will do far more to protect the nation’s electric system than partisan fear mongering for political advantage,” noted NRECA Vice President Kirk Johnson.
Find Archived Articles: