Print 6 comment(s) - last by talikarni.. on May 23 at 4:48 PM

Utilities confirm attacks, but say their protections are sufficient and gov't report is overblown

Don't want our help?  Too bad, we're going to give it to you anyways.

I. Big Brother Gov't Wants to Give Utilities a "Helping Hand"

That's the message a pair of Democratic lawmakers are sending utility companies, following concerns about attacks from hostile foreign hackers.  Rep. Henry Waxman (D-Calif.) and Rep. Ed Markey (D-Mass.) released a 35-page report [PDF] at the House Energy and Commerce Committee's Tuesday cybersecurity hearing.

In the report, they interviewed 160 utilities about their cybersecurity experiences over the last five years.  More than a dozen of the utilities -- or roughly ten percent -- said they've experienced persistent threats -- daily, constant, or frequent intrusion attempts.  

If such attacks succeed the consequences would vary.  Some hostile parties like Iran might look to cause actual damage and destruction via severe attacks.  America's "frienemies" like China might simply look to plant backdoors and malware to cripple the U.S. power grid, should the need ever arise.  

Rep. Waxman
Rep. Waxman says utilties should bend over and accept the government's helping hand.
[Image Source: InfoWars]

A Midwest utility spoke to the sophistication of some of these efforts, commenting, "Much of this activity is automated and dynamic in nature, able to adapt to what is discovered during its probing process."

The report does note that some attackers come from "less serious" threats -- like "ecoterrorist" groups or rings of cybercriminals.

Power grid
Some utilities have experienced persistent attacks. [Image Source: NERC]

The Democrats want Republican members of the House to join with them in pushing through cybersecurity legislations.  Such legislation could install government security regulators at privately owned utilities and force utilities to share information on threats or face fines.

II. Utilities: "Thanks, But No Thanks" 

But according to the utilities they don't want, need, or appreciate "help" in the form of new rules and restrictions from the government, which has a pretty troubled history trying to defend its own online presence.  Such efforts could also harm consumer privacy, leading to a backlash that utilities are uneager to be a part of.

Commented Arkansas Electric Cooperative Corporation Chief Executive Duane Highley at the hearing said that while there's always room for improvement, a government "solution" might do more harm than help.  He testified, "The majority of [these] attacks, while large in number, are the same attacks that every business receives (via the web).  NERC has it covered. Please don't mess up."

In a post-hearing interview with Reuters he adds, "Those are very routine kinds of attacks and we know very well how to protect against those...Our control systems are not vulnerable to attack."

North American Electric Reliability Corp (NERC) calls the hearings much ado about nothing and labeled the report as "overblown".  It argues that common sense and industry standards have compelled utilities to already separate control systems and consumer-facing administrative networks, so there's no way a hacker could "take out" the power grid, assuming the utility was following the guidelines.

Power Grid
Power grid experts say utilities already air-gap control networks. [Image Source: NERC]

NERC Chief Executive Officer Gerry Cauley at a speech at the Reuters Cybersecurity Summit reiterated that there had never been a destructive cyberattack on the U.S. power grid, and the greatest threats to U.S. utilities still come from the possibility of physical attacks (such as a terrorist effort).  Mr. Highley agrees.  In a statement he comments, "We're all about reliability. We don't want to have lights going out anymore than anybody else does."

But NERC may be able to breathe a sigh of relief; at present cybersecurity bills have stalled as the Republican-controlled House clashes with the Democratic controlled Senate on wording and scope of two bills, which currently sit in review.  Meanwhile President Obama has vowed to push through some changes via executive orders, but experts say those orders have less power to force business compliance than a law.

Sources: U.S. House Energy and Commerce Committee, House Report [PDF], Reuters

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By talikarni on 5/23/2013 4:48:53 PM , Rating: 2
(like tighter gun control, something 78% of the public agreed on)

You are so far off on this.... On a very realistic and more recent poll of 3000+ people (and not some predetermined cherry picked poll), 48% of registered Democrats support gun control (and half that for registered Republicans), yet you ask the same people that support it where Benghazi is and they will reply with "who is Ben Gazi?"

The real problem is the laws and control that the gov't is trying to force on us. People want more freedom, but the same ones that think gun control is a good idea also fail to understand that it will not stop criminals from continuing to commit crimes, and if anything makes it worse since fewer law abiding citizens would be able to defend themselves, their family or their neighbors.

"I f***ing cannot play Halo 2 multiplayer. I cannot do it." -- Bungie Technical Lead Chris Butcher

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Yahoo Hacked - Change Your Passwords and Security Info ASAP!
September 23, 2016, 5:45 AM
A is for Apples
September 23, 2016, 5:32 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki