Electric Grid Cyber Protection: Six Key Recent Developments
Below is a synopsis of six particularly notable developments since November 2019 re: steps being taken to protect the U.S. electric grid from cyberattacks and the evolving nature of these threats.
National Security Council Report. On December 12 the President’s National Infrastructure Advisory Council (NIAC) provided a report to the President and the National Security Council urging that stronger steps be taken to protect U.S. companies from cyberattacks. “U.S. companies find themselves on the front lines of a cyber war they are ill-equipped to win against nation-states intent on disrupting or destroying our critical infrastructure,” said the report.
The report’s nine recommended actions include establishing a Critical Infrastructure Command Center (CICC) to improve real-time sharing and processing of private and public data. It also called for a one-day top-secret meeting with the CEOs of select energy companies and other companies to “build a compelling case for company action to counter serious cyber threats and to facilitate operationalizing the CICC.”
NIAC is composed of senior executives from industry and state and local governments who own and operate critical infrastructure.
Securing Energy Infrastructure Act Becomes Law. This bipartisan measure introduced by Senators Jim Risch (R-Idaho) and Angus King (I-Maine) became law as part of the Fiscal Year 2020 National Defense Authorization Act (NDAA). It calls for removing vulnerabilities in digital software systems through which hackers could access the energy grid. The Act establishes a two-year pilot program with the U.S. Department of Energy’s National Laboratories to research and test technology to protect critical systems.
Senators Raise Huawei Electric Grid Concerns with FERC. On December 6, a bipartisan group of ten U.S. Senators sent a letter to the Chairman of the Federal Energy Regulatory Commission (FERC), urging that steps be taken to protect the electric grid from threats from Huawei, the Chinese telecommunications company. Huawei is involved in solar power development. It produces inverters, which connect solar panels to the grid. The Senators call for “a ban on the company’s entry into the U.S. inverter market.”
U.S. Senate Report Warns of Chinese Theft of Energy Research. China has programs in place to systematically steal U.S. government research. This is a central conclusion in a November 19 bipartisan report by the Permanent Subcommittee on Investigations of the U.S. Senate Homeland Security Committee. The report notes that the U.S. Department of Energy is the largest federal sponsor of basic research in the physical sciences, supporting more than 25,000 researchers at more than 300 institutions and national laboratories.
House Subcommittee Advances Grid Security Measure. On December 19, the House Science, Space, and Technology Subcommittee on Energy passed H.R.5428, The Grid Modernization Research and Development Act. Introduced by Congressman Conor Lamb (D-Pennsylvania) and Congresswoman Jaime Herrera Beutler (R-WA), the measure calls for the U.S. Secretary of Energy to establish, “a research, development, and demonstration program to enhance resilience and strengthen emergency response and management pertaining to the electric grid.”
Cyberattacked Utilities Named. In a November 24 article, The Wall Street Journal identified more than a dozen U.S. electric utilities near critical infrastructure that have recently been attacked. The utilities operate in 18 states and are relatively small. The Federal Bureau of Investigation has been probing the attacks, which attempted to install malware and infiltrate utility operations. None of the attacks were successful.
About the Author: Paul Steidler is a Senior Fellow with the Lexington Institute, a public policy think tank based in Arlington, Virginia.
Find Archived Articles: