...
...
Next Story

US unveils plan to protect power grid from foreign hackers

Experts say initiatives to enhance the security of the US electrical grid are years behind better-known efforts to shield data centres and corporate systems.

Published on: Apr 20, 2021 08:49 PM IST
Bloomberg |
Prefer HTon Google
Advertisement

The White House unveiled on Tuesday a 100-day plan intended to protect the US power grid from cyber-attacks, mainly by creating a stronger relationship between US national security agencies and the mostly private utilities that run the electrical system.

The plan is among the first big steps toward fulfilling the Joe Biden's administration’s promise to urgently improve the country’s cyber defenses.. REUTERS/Kevin Lamarque (REUTERS)
The plan is among the first big steps toward fulfilling the Joe Biden's administration’s promise to urgently improve the country’s cyber defenses.. REUTERS/Kevin Lamarque (REUTERS)

The plan is among the first big steps toward fulfilling the Biden administration’s promise to urgently improve the country’s cyber defenses. The nation’s power system is both highly vulnerable to hacking and a target for nation-state adversaries looking to counter the US advantage in conventional military and economic power.

“The United States faces a well-documented and increasing cyber threat from malicious actors seeking to disrupt the electricity Americans rely on to power our homes and businesses,” Secretary of Energy Jennifer Granholm said.

Although the plan is billed as a 100-day sprint -- which includes a series of consultations between utilities and the government -- it will likely take years to fully implement, experts say. It will ask utilities to pay for and install technology to better detect hacks of the specialized computers that run the country’s power systems, known as industrial control systems.

The government will take suggestions from utilities within 21 days about ways to incentivize participation in the voluntary effort, according to details of the plan described by a person familiar with it.

The final plan also drops the draft’s proposal for enhancing supply chain security for grid components by calling for a list of recommended equipment vendors. Now, the administration plans to ask utilities for suggestions for improvement.

Experts say initiatives to enhance the security of the US electrical grid are years behind better-known efforts to shield data centres and corporate systems. At the same time, hackers from Russia, China, Iran and North Korea are launching increasingly aggressive attacks on US power companies, hoping to install malware that could leave cities and towns in the dark.

Under the new plan, owners and operators of electricity networks are now expected to “enhance their detection, mitigation and forensic capabilities,” according to the Department of Energy statement. They would also need to share information with the federal government if something happens to their systems. Priority sites will need to identify and report their technology capabilities, gaps and requirements within 45 days of the launch.

CISA, the Cybersecurity and Infrastructure Security Agency, will establish a team of government and agency representatives to coordinate analysis between the government and private sector.

“The safety and security of the American people depend on the resilience of our nation’s critical infrastructure,” said acting CISA director Brandon Wales, in a statement. The partnership would “prove a valuable pilot as we continue our work to secure industrial control systems across all sectors.”


 
Get the latest headlines from US news and global updates from Pakistan, Nepal, UK, Bangladesh, Russia and US Iran war Live, get all the latest headlines in one place on Hindustan Times.
Get the latest headlines from US news and global updates from Pakistan, Nepal, UK, Bangladesh, Russia and US Iran war Live, get all the latest headlines in one place on Hindustan Times.
SHARE THIS ARTICLE ON
Hindustantimes wants to start sending you push notifications. Click allow to subscribe