ISIS joins the list of US power grid threats, lawmakers call for stronger cyber defenses
- Federal lawmakers are calling for tighter cybersecurity for the nation's power grid amid indications that the Islamic State in Iraq and Syria has been attempting to pull off a complicated hack, the Hill reports.
- Though the group hasn’t been successful and generally has a low capability to pull off technological attacks, federal law enforcement officials are concerned the group could purchase the capability.
- Rep. Sheila Jackson Lee (Texas-D), who earlier this year introduced the Terrorism Prevention and Critical Infrastructure Protection Act, has called for action on the bill in the wake of reports.
Amid a growing realization that the United States' power grid is vulnerable to cyberattacks that could potentially result in massive damages, lawmakers and enforcement officials are calling for tighter rules and action on pending legislation.
“No solace should be taken in the fact that ISIS has been unsuccessful,” Jackson Lee said in a statement. “ISIS need only be successful once to have catastrophic impact on regional electricity supply.”
The Hill reports that, speaking at an industry conference last week in Philadelphia, FBI Cyber Division Section Chief John Riggi described the group's ability to infiltrate as: “Strong intent. Thankfully, low capability." But he added that "the concern is that they'll buy that capability."
In January, Jackson Lee introduced the Terrorism Prevention and Critical Infrastructure Protection Act, which would direct the Secretary of Homeland Security to work with critical infrastructure owners and operators to strengthen resiliency against attack. In her most recent statement on the issue, the lawmaker said critical infrastructure "remains an essential area that must receive the needed attention to protect it against all threats and all hazards."
While so far hackers have had little success infiltrating U.S. power systems, there are vulnerabilities and the potential for damage is immense. Lloyd's of London, a London-based insurance market, believes a widespread attack on the power grid, even with a low success rate, could lead to economic losses ranging from $243 billion up to $1 trillion in the most damaging scenarios.
Federal regulators are working on modifications to critical infrastructure protection reliability standards, and FERC wants the utility industry to develop new security protocols, including standards for data flowing across unsecured third-party networks.
In August, the Department of Homeland Security pushed to create a new committee aimed at bolstering cyber defenses for utilities, according to the Hill, which would examine a combined approach for state and local cybersecurity.
Follow Robert Walton on Twitter