GAO report warns of cybersecurity risks to US electric grid

Published on September 27, 2019 by Chris Galford

© Shutterstock

The House Energy and Commerce Committee released this week a report from the Government Accountability Office (GAO) that revealed findings of significant cybersecurity risk to the United States electric grid.

The report outlined those risks and urged action to fix them. These risks include criminals, terrorists and nations who are increasingly able to assault the grid, growing inherent vulnerabilities in the network itself as it moves to Internet of Things devices and reliance on the global positioning system, and the fact that, as proven by disruptions to foreign electric grid operations through cyberattacks, cyberattacks could lead to widespread power outages in the United States and current assessments cannot accurately predict current and projected risks.

A joint statement was released with the report by Energy and Commerce Committee Chairman Frank Pallone, Jr. (D-NJ), Energy Subcommittee Chairman Bobby L. Rush (D-IL), Environment, Climate Change Subcommittee Chairman Paul Tonko (D-NY), and U.S. Rep. Jerry McNerney (D-CA),

“Today’s report confirms our concerns that cybersecurity risks to our electric grid are significant and growing,” the legislators wrote. “New technologies and products that rely on the grid and the internet expand consumer choice and services, but they also create new risks. ‘Smart’ appliances and electric vehicles, for instance, create vulnerabilities that could be exploited by bad actors. Meanwhile, the energy sector is struggling to identify and train a large enough workforce to stay ahead of these issues.”

The congressmen labeled the challenges presented in the report as a clear and urgent threat to the grid, urging decisive action from Congress to correct them. Several efforts to do so have already been referred to the House at large.

“These legislative solutions are critical first steps and must be taken up without delay, but GAO’s report indicates that we must do even more,” the legislators wrote. “Risk assessment, information sharing, coordination of government and private sector entities, workforce training, and response planning to address cybersecurity risks must be improved nationwide. Americans are counting on us to get this right and protect their communities from cyberattack, and we are committed to working in a bipartisan fashion to do exactly that.”

The GAO study was first requested in 2015.