Federal assessment finds ‘gaps’ in preparation for electric grid attacks

An assessment released by the departments of Energy and Homeland Security this week finds that there are shortfalls preventing the energy sector from improving its ability to respond rapidly in the event of a major cyberattack that disrupts the electric grid. 

The report, which was mandated by President Trump’s 2017 cybersecurity executive order, states that the United States is generally “well prepared” to manage major disruptions to the electric grid, such as cyberattacks that knock out power. 

{mosads}It emphasizes the action the federal government has taken over the last two years to prepare for a significant cyber incident, such as Homeland Security rolling out a national blueprint for cyber incident response at the end of the Obama administration. 

However, the report details a number of “gaps” preventing private electric utilities, government entities and other stakeholders from bolstering their ability to provide effective incident response in the event of a major cyber assault on the grid.

These include a lack of clarity around the roles of specific organizations in responding to prospective cyber incidents; shortfalls in the electric sector’s cyber workforce; a lack of effort to address supply chain vulnerabilities specific to the electric sector; and lackluster information sharing between private industry and the federal government. 

The threat posed by hackers to the electric grid has attracted attention in the wake of cyberattacks that took out portions of Ukraine’s power grid in 2015 and 2016. Russia is suspected of carrying out both attacks.

Lawmakers in Washington have grown increasingly alarmed of the prospect of a cyberattack on the grid after U.S. officials revealed in March that Russian hackers had staged a multiyear campaign to breach networks of the energy sector. In some cases, hackers broke into networks where they were able to view information on industrial control systems — which are used to power the grid in other critical services across the world.

“The next Dec. 7 won’t be airplanes and torpedoes coming at Pearl Harbor, it’s going to be triggered with an attack on our energy grid with rolling blackouts and chaos,” Rep. Don Bacon (R-Neb.) said earlier this year. 

The report issued Wednesday emphasizes that there is currently no evidence of intrusions of the U.S. grid resulting in “lasting” cyber or physical damage. However, it acknowledges that hackers have grown increasingly interested and capable in targeting the electric sector, particularly in exploiting industrial control systems. 

“There are key trends that are increasing the risk of significant cyber incidents,” the report states. “As cyber capabilities become more readily available over time, state and non-state actors will continue to seek and develop techniques, tactics, and procedures to use against U.S. interests.” 

The Trump administration has insisted it is making the security of the energy grid a priority. Energy Secretary Rick Perry in February rolled out plans to set up a new office for cybersecurity and energy security at the department. 

“This administration recognizes the growing security risk of cyber threats and has prioritized overcoming these challenges facing our Nation,” Perry said in a statement on the assessment’s release.

The Energy Department, he said, “will continue to work with the Department of Homeland Security, our National Laboratories, public, and private sector partners to improve cybersecurity practices and develop next-generation tools and capabilities that can be leveraged to better understand and mitigate cyber vulnerabilities in the energy sector.” 

The document was among a slew of reports released this week in accordance with the cyber executive order, which Trump signed in May 2017.