This post is also available in: עברית (Hebrew)
The U.S. Energy Department announced a 100-day plan to harden security systems for the country’s electrical infrastructure and increase the ability to detect and neutralize cyber threats. The move came over the backdrop of increasing cyberattacks on US electrical infrastructure. A Government Accountability Office report issued last month warned that the U.S. grid’s distribution systems “are growing more vulnerable, in part because their industrial control systems increasingly allow remote access and connect to business networks.”
According to the Energy Department, “The United States faces a well-documented and increasing cyber threat from malicious actors seeking to disrupt the electricity Americans rely on to power our homes and businesses. It’s up to both government and industry to prevent possible harms — that’s why we’re working together to take these decisive measures so Americans can rely on a resilient, secure, and clean energy system.”
The electric industry was among those hit by recent cyberattacks and data breaches targeting Solar Winds (which provides network monitoring software) and Microsoft Exchange software. The U.S. government has blamed Russia’s spy agency for the Solar Winds attack. Microsoft said vulnerabilities in its mail and calendar software for corporate and government data centers were primarily exploited by the so-called Hafnium group in China.
The 100-day plan includes “aggressive but achievable milestones and will assist owners and operators as they modernize cybersecurity defenses, including enhancing detection, mitigation, and forensic capabilities,” according to the National Security Council.
Among the fears — that an enemy of the United States or a cybercriminal group could replicate what happened in Ukraine in 2015 when the information systems of the country’s three energy distribution companies were remotely accessed by Russia, causing 200,000 consumers to lose power. A year later in Ukraine, a power transmission station was knocked offline by Russian hackers.
Officials describe this effort to harden the power system against cyberattacks as a pilot project of the Biden administration before such measures are enacted for other vulnerable sectors of the country’s infrastructure.