|Teresa Hansen, Editor in Chief|
Although many industries have been dealing with cyberattacks for several years, recent events have put cybersecurity in the spotlight. This is good news because it could lead to utilities’ receiving some needed cybersecurity support from the federal government.
President Barack Obama on Feb. 12 signed the Improving Critical Infrastructure Cybersecurity executive order (EO), which encourages information sharing between the government and private industry and puts into place procedures that promote voluntary cybersecurity standards development for critical infrastructure. The administration says this EO is a response to Congress’ failure to pass the Cybersecurity Act of 2012.
The EO was issued only days after the Department of Energy reported a cyberattack on its Washington, D.C., headquarters. Reports said no classified information was uncovered but 14 computer servers and 20 work stations were compromised. Reports also said the attack’s sophistication indicates a foreign government—possibly China or Iran—was involved.
Some of the biggest cybersecurity news was reported Feb. 19, when U.S. security company Mandiant reported it has proof that Chinese hackers, specifically Unit 61398 of the People’s Liberation Army, are stealing intellectual property from U.S. companies in many industries. The New York Times was the first to reveal Mandiant’s findings, but since then the story has been published worldwide. A Feb. 23 article in The Economist, “Getting Ugly,” states, “Perhaps most worrying, they broke into networks of a company that helps utilities to run North American pipelines and power grids.” Mandiant’s report said China’s government might have authorized the hacking, but it could not determine the extent of official involvement. China’s government denies involvement.
Several news stories report the Obama administration will announce aggressive steps to punish China and other countries that conduct cyberespionage against the U.S. So far, Obama hasn’t revealed specifics.
Since this latest news broke, Energy Secretary Steven Chu announced the availability of up to $20 million for the development of tools and technologies to enhance the cybersecurity of the nation’s energy delivery control systems for electricity, oil and gas. This seems like a drop in the bucket for such an enormous problem, but it’s a start. Perhaps public reports of these latest incidents will prompt lawmakers to pass legislation that requires the federal government to provide critical cybersecurity information, as well as funding, to utilities and other industries to protect our infrastructure and information. I can’t imagine lawmakers need a bigger call to action.
PowerGrid International Articles Archives
View Power Generation Articles on PennEnergy.com