Site icon TechNewsBoy.com

Hacks Rank Among Top Power Grid Risks, Watchdog Says

Cybersecurity has become a core issue for the U.S. power system, as important as the supply of raw materials used to generate electricity, a senior official at the grid’s watchdog said, as government officials push to shore up critical infrastructure from hackers.

“Security is at the heart of our operations, and one of the highest priority items right next to changing resource mix,” said

John Moura,

director of reliability assessment and performance analysis at the North American Electric Reliability Corp., a standards-setting and enforcement body for the energy industry.

The electric grid didn’t suffer any loss of output as a result of cyberattacks in 2020, according to NERC’s State of Reliability report, published Tuesday. Intelligence sharing among companies through the Electricity Information Sharing and Analysis Center, which NERC operates, grew by 96% in 2020 compared with 2019, with about 2,600 pieces of information shared. Suspicious activity reports, cyber-related reports, and information on phishing scams and software vulnerabilities made up the bulk of the data, the report said.

NERC’s growing focus on cyber reflects a broader push by the Biden administration, which launched a 100-day plan in April to identify and remediate vulnerabilities in the power grid. The Energy Department, Cybersecurity and Infrastructure Security Agency and nongovernment organizations such as NERC have helped electric utilities upgrade their defenses, providing a blueprint the White House hopes to replicate across other sectors.

Mr. Moura said cyberattacks had been a particularly serious concern for NERC since hackers last year penetrated

SolarWinds Corp.

software and proceeded to break into systems at private companies and federal agencies. The U.S. has blamed Russian intelligence services for launching the attack, which Moscow denies.

“Unlike weather or some of our other risks, this is much more difficult to manage,” he said. “The persistence that we’ve seen and the level of sophistication more recently, especially with SolarWinds at the end of the last year, really highlighted the capability of the threat actors.”

Fears of cyberattacks against the energy sector came to fruition on May 7, when a ransomware attack against Colonial Pipeline Co. shut down a key East Coast fuel artery for six days. In June, Energy Secretary

Jennifer Granholm

said that U.S. adversaries had developed cyber capabilities that could take down the power grid.

Reflecting growing concerns about the state of cybersecurity in critical economic sectors, a bipartisan infrastructure bill passed by the Senate on Aug. 10 earmarked $1.9 billion in funding for cybersecurity improvements.

While the bill is a step in the right direction, power lobbyists say, much more investment is needed to secure systems in the future, particularly given the vulnerabilities posed by aging operational technology.

“Tens of billions of dollars more will be needed to adequately fund needed cybersecurity improvements,” said

Jim Cunningham,

president of the power advocacy group Protect Our Power. Critical areas include upgrading communications systems, enhancing supply chain security and providing funds for smaller power companies that might have limited cyber budgets.

“We have a once-in-a-generation opportunity to repair and rebuild our infrastructure,” he said.

Write to James Rundle at james.rundle@wsj.com

Copyright ©2021 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version