The US electrical grid remains vulnerable to
cyberattacks almost a year after researchers demonstrated that
hackers could shut down a power station.
The disclosure, which will prompt questions over the security of
the UK power grid, emerged at a homeland security sub-committee
hearing this week about the security of critical infrastructure
networks in the US.
James Langevin, chairman of the sub-committee on emerging
threats,
cybersecurity, and science and technology said, "I think we
could search far and wide and not find a more disorganised response
to a national security issue of this import."
Representatives of the energy regulatory commission FERC, and
electric reliability corporation NERC said there were flaws in the
process for identifying and dealing with cyberattacks on the
electricity grid.
Both said they were doing all they could, but FERC said
additional authority was needed to formulate interim standards and
enforce compliance.
Joseph Kelliher, chairman of FERC, said significant progress had
been made, but the current process for developing standards was
slow and therefore did not work well with rapidly evolving
cyberthreat, which needs a rapid response.
Langevin said that stronger and more comprehensive authority was
needed to develop effective standards to mitigate the threat of
cyberattacks on the grid.
"It is not enough to have some standards in place - they have to
be the right standards," he said.
Langevin said he had more confidence in the standards developed
by the National Institute of Standards and Technology, which
defines cybersecurity regulations for the US government and
recommended moving in that direction.
"We need to move aggressively to close the vulnerability [to
cyberattacks] and ensure our electric grid is 100% secure," he
said.