The Government Accountability Office just released a report backing up earlier findings: because a series of recommendations were ignored, the U.S. electric grid remains highly susceptible to cyberattacks.
The grid is reliant on a number of IT systems that have known and likely unknown vulnerabilities. The result of a cyberattack on the grid could result in damage to electricity control systems, power outages, and failures in safety equipment on a scale currently unknown.
GAO believes that there are still massive problems in the way the grid secures itself. Here are some of the reasons why they said the grid was open to attack:
A lack of a coordinated approach to monitor industry compliance with voluntary standards.
Aspects of the current regulatory environment made it difficult to ensure the cybersecurity of smart grid systems.
A focus by utilities on regulatory compliance instead of comprehensive security.
A lack of security features consistently built into smart grid systems.
The verdict? A terrible regulatory environment that makes the industry focus on things that don't make the grid more secure. Electric companies who couldn't care less about spending more on security. A lack of focus on preventing an attack against the electric lifeblood of the United States.
The worst is, GAO told the Government what they had to do last year, and it was ignored.
The Department of Commerce's report on smart grid security was "missing key elements" and has not been fixed.
The Department of Energy was tasked with "periodically evaluate[ing] the extent to which utilities [...] are following voluntary interoperability and cybersecurity standards" and this report says they haven't.
Until that happens, the grid remains wide open. And all anyone has to do is look at India this week to see what happens when a nation's grid collapses.
Now, check out how the world's most advanced missile defense system takes out a target >
No comments:
Post a Comment