Cyber Threats: When Will Electric Utilities Be Proactive Rather Than Reactive?

A growing number of reports are warning that the United States electric grid is vulnerable, and the impacts could be devastating. Two years ago, Lloyd's of London issued a report suggesting a widespread attack on the U.S. power grid could result in an economic loss from $243 billion up to $1 trillion in the most damaging scenarios.

In May, President Trump issued an executive order on cyber-security, sketching out a plan for federal agencies to strengthen protections for national cyber-security, federal IT networks and critical infrastructure, including the power grid.

The new NASEM report calls for a rethinking of how the industry envisions and plans for widespread and long-duration outages, and suggests the process include a focus on how those events could impact the U.S. dependence on vital public infrastructures and services provided by the grid.

Because no single entity is responsible for planning, operating, or regulating the grid, NASEM stressed the key to hardening the system will be an integrated approach that relies on coordination between state, federal, private, and public groups.

"The committee provides several overarching recommendations to adopt a more integrated perspective across the numerous, diverse institutions responsible for the resilience of electricity system," the group said.

M. Granger Morgan, professor of engineering at Carnegie Mellon University and chair of the committee, said in a statement that long-duration outages that leave millions without power could result in "economic damages estimated in the billions of dollars, posing serious threats to health and public safety, and also potentially compromising national security."

He warned that outages caused by natural disasters are more common that typically believed: "While the U.S. has not been subject to a large physical assault or cyberattack, both pose serious and growing risks.”

The report also calls for greater investment in physical resources to ensure that critical electric infrastructure is robust and that society is able to cope when the grid fails. Among the recommendations, DOE, DHS, and other agencies "should oversee the development of more reliable inventories of backup power needs and capabilities, like the U.S. Army Corps of Engineers’ mobile generator fleet."

The report also said investments, both public and private, should be made to improve the ability to maintain and restore critical services like power for hospitals, first responders, water supplies, and communications systems.

Original Article: https://www.utilitydive.com/news/national-academies-report-finds-grid-vulnerable-to-cyber-physical-attacks/447707/