US Takes Steps to Protect Electric System From Cyberattacks

The Biden administration is taking steps to protect the country’s electric system from cyberattacks through a new 100-day initiative combining federal government agencies and the private industry.

The initiative, announced Tuesday by the Energy Department, encourages owners and operators of power plants and electric utilities to improve their capabilities for identifying cyber threats to their networks. It includes concrete milestones for them to put into use technologies so they can spot and respond to intrusions in real time.

The department is also soliciting input from electric utilities, energy companies, government agencies and others for recommendations about how to safeguard the energy system supply chain.

“Innovative partnerships like these are essential to addressing the urgent cybersecurity challenge because much of our critical infrastructure is owned and operated by the private sector,” Emily Horne, a spokeswoman for the White House’s National Security Council, said in a statement.

The effort, which besides the electricity industry also involves the Cybersecurity and Infrastructure Security Agency, underscores the heightened concern about the prospects for cyberattacks that disrupt the power supply. Anne Neuberger, the deputy national security adviser for cyber and emerging technology, said in an interview with The Associated Press earlier this month that the administration was undertaking a new effort to help electric utilities, water districts and other critical industries protect against potentially damaging cyberattacks.

A Government Accountability Office report last month found that the U.S. grid’s distribution systems, which transport electricity from transmission systems to consumers, are increasingly at risk. It said hackers can use multiple techniques to gain access, including compromising the supply chain by manipulating software or hardware or exploiting virtual private network connections.

The report recommended that the Energy Department, the primary federal agency for the energy sector, do more to address those risks.

The U.S. “faces a well-documented and increasing cyber threat from malicious actors seeking to disrupt the electricity Americans rely on to power our homes and businesses,” Energy Secretary Jennifer Granholm said in a statement announcing the new effort.

“It’s up to both government and industry to prevent possible harms — that’s why we’re working together to take these decisive measures so Americans can rely on a resilient, secure, and clean energy system,” she added.

Learn more about critical infrastructure security at SecurityWeek’s ICS Cyber Security Conference and SecurityWeek’s Security Summits virtual event series

Related: More Threat Groups Target Electric Utilities in North America

Related: Domain Name Security Neglected by U.S. Energy Companies

Related: Suspected Russian Hack Fuels New US Action on Cybersecurity

Related: US Looks to Keep Critical Sectors Safe From Cyberattacks