Security Experts:

U.S. Utilities Face Constant Barrage of Attacks

On Tuesday, during the House’s Energy and Commerce Committee's cybersecurity hearing, Representatives Henry Waxman and Ed Markey released a report detailing the risks faced by the nation’s power grid. According to responses sent to the lawmakers, the situation is as bad as expected, and could get worse unless changes are made.

Earlier this year, the two Democratic lawmakers sent questions to 160 utilities, which asked them to describe their cybersecurity strategies and their experiences over the last five years when it came to dealing with security threats.

When answering questions about various cyber attacks, it was revealed that more than a dozen reported daily, constant, or frequent attempted attacks. The attacks range in severity, from unfriendly probes of the network, to Phishing, and malware infection. One utility reported that it was the target of some 100,000 attacks each month. Further, a Northeastern power company said that it was under a constant state of attack from malware and entities seeking to gain access to internal systems.

In the Midwest, another power company said that it was “subject to ongoing malicious cyber and physical activity. For example, we see probes on our network to look for vulnerabilities in our systems and applications on a daily basis. Much of this activity is automated and dynamic in nature – able to adapt to what is discovered during its probing process.”

Additional responses led the lawmakers to inform the committee that warnings issued to President Obama about the threats to the power grid are real, and the proof is clearly seen in the messages from the network administrators themselves. Additionally, the responses also show that most utilities only comply with the cybersecurity standards that are mandated by law, leaving the standards that are voluntary on the sidelines – thus increasing the likelihood of a successful attack.

“National security experts say that cyber attacks on America’s electric grid top the target list for terrorists and rogue states, yet we remain highly vulnerable to attacks,” said Rep. Markey in a statement.

Adding to that, Rep. Waxman said; “The utility responses are sobering. They reveal serious gaps in the security of our electric grid and Congress needs to address these gaps in a bipartisan way.”

The full report is available online

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.