DOE: Emergency powers necessary to combat cyber threats to grid
- The U.S. Department of Energy focuses on the growing cybersecurity threat as part of the second installment of its Quadrennial Energy Review, and recommends state and federal regulators have the authority to protect the grid while also aligning power reliability with national security, the Washington Post reports.
- The report identifies power reliability as a "growing and essential component of national security," and calls for the Federal Energy Regulatory Commission to modify or create new relaibility standards to address the threat.
- Cybersecurity is a growing concern, evidenced by Sen. John McCain's remarks to Meet the Press moderator Chuck Todd. In that meeting, McCain said Russia has the capability to shut down American power plants through cyber hacking efforts.
Cybersecurity and the potential vulnerability of the United States' electric grid has grown into an above-the-fold storyline, in the last year. Following a blackout in Ukraine's grid two years ago, and last month's malware scare at Burlington Electric, the issue is now at the forefront of grid planning and will likely remain there as systems are increasingly interconnected.
"Grid security is a national security concern—the clear and exclusive purview of the Federal Government," the Department of Energy concluded in its recent report. The Federal Power Act must be amended, the agency said, to ensure the DOE can "develop preparation and response capabilities that will ensure it is able to issue a grid-security emergency order to protect critical electric infrastructure from cyber attacks, physical incidents, EMPs, or geomagnetic storms."
Among the report's recommendations: FERC should adopt integrated electricity security planning and standards; DOE should collect targeted data on critical cyber threats; and the agency's loan guarantee program should be expanded and made more flexible to "assist in the initial deployment of innovative grid technologies and systems."
Last month the Washington Post erroneously reported Burlington Electric had been the target of Russian hackers. The report turned out to be overblown—the code found on a laptop could have been tied to Russian-based malware, but the laptop was unconnected to the grid, and the malware involved could be part of a run-of-the-mill cyber probe or harmless altogether. But the elevated concern is here to stay, and industry and government officials are tackling measures to enhance communication between key agencies.
The North American Electric Reliability Corporation held a simulated attack on the United States grid infrastructure in 2015, finding among other recommendations that communication between the utility industry and federal government needed to be improved.
This week on Meet the Press, Sen. McCain underscored national concerns of a future Russian cyber probe in his interview.
"It isn't just elections that they are hacking into. It is across the board, including military secrets that we have, including the ability to shut down satellites, including the ability to shut down power plants," McCain told moderator Chuck Todd. "I mean, they can do grave danger to the United States of America."
- The Washington Post New Obama report warns of changing ‘threat environment’ for the electricity grid
Follow Robert Walton on Twitter