Lawmakers Move to Secure Electric Grid
New legislation would expand the authority of Department of Homeland Security and Federal Energy Regulatory Commission to dictate cyber-security standards and controls to secure the vulnerable electric grid.
Recent reports that hackers -- both foreign and domestic -- are launching attacks on the nation's power grid have prompted two U.S. lawmakers to introduce legislation that would
increase federal authority to secure the electric
The Critical Electric Infrastructure Protection Act would direct the DHS (Department of Homeland Security) and the FERC (Federal Energy Regulatory Commission) additional authority to develop a fix to vulnerabilities detected and reported by DHS. Under the bill, FERC, in consultation with the DHS, would have the authority to issue rules or orders to protect critical electric infrastructure from a vulnerability or threat.
If FERC and DHS deem the threat imminent, emergency orders to protect the grid could be issued without prior notice or hearing.
"The electric grid is highly dependent on computer-based control systems," Rep. Bennie Thompson (D-MS), chairman of the House Committee on Homeland Security, said in a statement. "These systems are increasingly connected to open networks such as the Internet, exposing them to cyber risks. Any failure of our electric grid, whether intentional or unintentional, would have a significant and potentially devastating impact on our nation."
Two years ago, the House Homeland Security Committee began investigating the vulernability of the country's electric grid after U.S. researchers launched an experimental cyber attack that caused a power plant generator to self-destruct.
"The findings were disturbing. Most of the electric industry had not completed the recommended mitigations, despite being advised to do so by the Federal Energy Regulatory Commission and the North American Electric Reliability Corporation," Thompson said. "This effectively left many utilities vulnerable to attacks. Furthermore, in spite of existing mandatory cyber-security standards, the North American Electric Reliability Corporation recently reported that many utilities are underreporting their critical cyber assets, potentially to avoid compliance requirements."
U.S. Sen. Joe Lieberman (I-Conn.), chairman of the Senate's Homeland Security and Governmental Affairs Committee, introduced parallel legislation to Thompson's.
"Our cyber systems are under constant attack," Lieberman said. "We rely on cyberspace for so much of what is at the heart of our way of life. And our systems are not protected. We are focusing on the electricity cyber structure today because electricity is what so many critical sectors of the economy depend upon."
Lieberman said it is "apparent" that the federal government does not currently have adequate authority to protect the nation's electricity supply from tampering or attack.