Given the prevalence of cyber-attacks and intrusions against critical infrastructure globally, leading Democrats on a House panel have requested the Government Accountability Office (GAO) investigate cyber security threats to the U.S. electric grid.
“The threats against our critical infrastructure are widespread, growing, and deeply concerning,” the ranking members on the Science, Space & Technology Committee, say in their July 10 letter to Comptroller General Gene Dodaro. “The ability to respond to these cyber dangers and emerging risks within our critical infrastructure varies greatly among small and large companies, and public and private entities.”
The Democrats outline several issues and vulnerabilities to the U.S. electric grid that they want the GAO to examine, including linkages between state and local regulated portions of the nation’s electric system and federally-regulated components and the potential cyber security vulnerabilities between the two.
The six-page letter to Dodaro points to a study by the consulting firm Gartner [IT] that found only 30 percent of the U.S. private sector in 2015 had adopted a voluntary best practices framework to cyber security and estimates that percentage will only grow to 50 percent by 2020.
The Democrats also raise concerns about the use of cyber security software developed by the Russian firm Kaspersky Lab in public utilities, pointing out that the federal government has banned the use of the software on its networks and that the intelligence community is worried that the Russian government could exploit the software to gain access to U.S. government networks.
“However, the extent to which Kaspersky products are being used on critical nodes and computer servers across the U.S. critical infrastructure network, including natural gas facilities, dams, electrical plants, water distribution systems, and healthcare networks, or the U.S. election infrastructure is unclear,” the letter says. “The presence of Kaspersky products at these facilities could pose a threat to our critical infrastructure.”
The letter is signed by Reps. Eddie Bernice Johnson (Texas), ranking member on the committee, Donald Beyer (Va.), ranking member on the Oversight Subcommittee, Marc Veasey (Texas), ranking member of the Energy Subcommittee, and Dan Lipinski (Ill.), the ranking member on the Research & Technology panel.