Congress Looks to Force Extra Protection on Utilities to Combat Cyberattacks
May 22, 2013 2:24 PM
comment(s) - last by
Utilities confirm attacks, but say their protections are sufficient and gov't report is overblown
Don't want our help? Too bad, we're
going to give it to you
I. Big Brother Gov't Wants to Give Utilities a "Helping Hand"
That's the message a pair of Democratic lawmakers are sending utility companies, following concerns about attacks from hostile foreign hackers.
Rep. Henry Waxman
Rep. Ed Markey
(D-Mass.) released a
[PDF] at the
House Energy and Commerce Committee
Tuesday cybersecurity hearing
In the report, they interviewed 160 utilities about their cybersecurity experiences over the last five years. More than a dozen of the utilities -- or roughly ten percent -- said they've
experienced persistent threats
-- daily, constant, or frequent intrusion attempts.
If such attacks succeed the consequences would vary. Some hostile parties
might look to
cause actual damage and destruction
via severe attacks. America's "frienemies"
might simply look to plant
backdoors and malware to cripple the U.S. power grid
, should the need ever arise.
Rep. Waxman says utilties should bend over and accept the government's helping hand.
[Image Source: InfoWars]
A Midwest utility spoke to the sophistication of some of these efforts, commenting, "Much of this activity is automated and dynamic in nature, able to adapt to what is discovered during its probing process."
The report does note that some attackers come from "less serious" threats -- like
or rings of cybercriminals.
Some utilities have experienced persistent attacks. [Image Source: NERC]
The Democrats want Republican members of the House to join with them in pushing through cybersecurity legislations. Such legislation could install government security regulators at privately owned utilities and force utilities to share information on threats or face fines.
II. Utilities: "Thanks, But No Thanks"
But according to the utilities they don't want, need, or appreciate "help" in the form of new rules and restrictions from the government, which
. Such efforts
could also harm consumer privacy
, leading to a backlash that utilities are uneager to be a part of.
Arkansas Electric Cooperative Corporation
Chief Executive Duane Highley at the hearing said that while there's always room for improvement, a government "solution" might do more harm than help. He testified, "The majority of [these] attacks, while large in number, are the same attacks that every business receives (via the web). NERC has it covered. Please don't mess up."
In a post-hearing
he adds, "Those are very routine kinds of attacks and we know very well how to protect against those...Our control systems are not vulnerable to attack."
North American Electric Reliability Corp
(NERC) calls the hearings much ado about nothing and labeled the report as "overblown". It argues that common sense and industry standards have compelled utilities to
already separate control systems and consumer-facing administrative networks
, so there's no way a hacker could "take out" the power grid, assuming the utility was following the guidelines.
Power grid experts say utilities already air-gap control networks. [Image Source: NERC]
NERC Chief Executive Officer Gerry Cauley at a speech at the Reuters Cybersecurity Summit reiterated that there had never been a destructive cyberattack on the U.S. power grid, and the greatest threats to U.S. utilities still come from the possibility of physical attacks (such as a terrorist effort). Mr. Highley agrees. In a statement he comments, "We're all about reliability. We don't want to have lights going out anymore than anybody else does."
But NERC may be able to breathe a sigh of relief; at present
have stalled as the Republican-controlled House clashes with the Democratic controlled Senate on wording and scope of two bills, which currently sit in review. Meanwhile President Obama has vowed to push through some changes
via executive orders
, but experts say those orders have less power to force business compliance than a law.
U.S. House Energy and Commerce Committee
House Report [PDF]
This article is over a month old, voting and posting comments is disabled
RE: Let the finger pointing begin.
5/23/2013 1:06:23 AM
There has been nothing added to the constitution since 1992--and I don't have any heartburn with the 27th amendment. The constitution doesn't need to be reset: the constitution is FINE.
What needs to be reset is the mentality of congress, the supreme court, and president. Strict adherence to the constitution (and not the BS of, "living document" crap) will get this country headed in the right direction. It's a failure of our judicial branch that it has allowed such widespread divergence from constitutional intent.
The western world, collectively, seems to ignore what history has borne out time and again--that economic prosperity and social welfare programs are inversely proportional. Worse, that social welfare programs do less for improving quality of life, than a complete dearth of social programs & a strong, booming economy. This is the reason why the standard of living in westernized countries is so much higher.
I could talk for hours about how special interest money has ruined this country...but instead, I'll just poke fun of how much Waxman looks like a sewer-rat; which is kind of fitting, actually.
RE: Let the finger pointing begin.
5/23/2013 1:25:50 PM
Well since we're both in agreement debate at this point is pretty pointless, ima throw this in here.
So.... less debate more action?
"Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine." -- Bill Gates
China Back to Cyberlooting "Helpless" U.S. After Failure of Obama Shaming Strategy
May 20, 2013, 11:12 AM
Anonymous Hacks State Department, Hacks Bank, Defaces "Federal Agents" Page
February 22, 2013, 1:22 PM
Utility Companies, Government Look to Protect Electric Grid from Hacks
February 21, 2013, 8:28 AM
Report: Obama Preps Sweeping Cyberdefense Executive Order for Wednesday
February 12, 2013, 2:15 PM
House Cybersecurity Bill Makes a Comeback, Despite Obama Veto Threat
February 8, 2013, 2:55 PM
Tech's Biggest Loser on Tax Day: eBay Pays Nearly 99 Percent Tax Rate
April 15, 2015, 3:28 PM
Death and Dragons -- Report Claims Game of Thrones Hit by Piracy "Tidal Wave"
April 10, 2015, 8:37 AM
Court Blocks Twitter and YouTube in Turkey After Pro-Communist Attack in Istanbul
April 6, 2015, 10:53 AM
In Graphics and Quotes: $10.4 Billion Charter & Bright House Merger
April 2, 2015, 5:19 PM
WSJ Report Implies That Google Leveraged Lobbying to Kill Antitrust Abuse Probe
March 25, 2015, 5:37 PM
Nationalist Hackers From Turkey Cause Chaos, Deface Dozens of Sites
March 16, 2015, 12:29 PM
Most Popular Articles
Raytheon $1.9 Billion Purchase of Websense Raises Tough Questions
April 20, 2015, 1:57 PM
HBO to VPN HBO Now Users: Prove You Live in U.S. or We Will Terminate You
April 21, 2015, 12:17 PM
AMD CEO: Windows 10 Will Launch at "The End of July"
April 20, 2015, 7:24 PM
Quick Note: Lady Macbath -- One Japanese Woman's Apple Themed Revenge
April 23, 2015, 11:47 AM
After Record-Setting Week, Samsung Predicts 70 Million GS6/GS6 Edge Sales
April 17, 2015, 8:39 PM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information