by Mitch Kokai
Senior Political Analyst, John Locke Foundation
The nation’s energy systems can’t keep up with the growing threat of the U.S. going dark after a cyberattack by North Korea, Islamic State radicals or anyone with a grudge. According to experts, threats to the electrical grid, water utilities and other elements of energy infrastructure are likely growing in number and complexity with each day.
In just the past two months, U.S. utilities have been placed on alert twice, as much as the public knows: once after Islamic State radicals attacked downtown Paris and again after a December attack in Ukraine that knocked out the country’s power for several hours. Just last week, the inspector general for the nation’s nuclear power regulator said in a report that the Nuclear Regulatory Commission “is not optimized to protect the agency’s network in the current cyberthreat environment.”
“Here is the deal, of course it’s important that the grid have sophisticated cybersecurity,” but “to assume that we can keep up with the hackers is ridiculous,” said Scott Sklar, a long-time utility consultant and president of the Stella Group who has been advising lawmakers on some of the holes in the government’s approach to Internet-based attacks.
The Federal Energy Regulatory Commission, the national labs, the Pentagon and the intelligence community all have teams looking at the threat. But “how you put up a strategy from all that looking is the question that remains unanswered,” he said. The Department of Energy also has created a public-private partnership focused on information sharing with the utility industry.
But Sklar said those efforts address the issue only from the “100,000-feet level,” and he suggests government officials “spend more time with the practitioners in the field,” something he says not all government agencies are willing to do.