The potential for a major cyber attack against the nation’s power grid is “at an all time high,” Gerry Cauley, president of the grid operators group North American Electric Reliability Corporation, warned during a Senate hearing Tuesday.
While acknowledging hackers had yet to shut down power to U.S. power customers, Cauley pointed to a 2015 attack in Ukraine that resulted in 225,000 customers losing power for several hours.
“We will never be complacent. The risk is very real,” he said.
His comments came during a Senate Energy and Natural Resources Committee hearing Tuesday, part of a long-term push by the federal government to bolster security at the nation’s power plants and substations to prevent attacks like those that have recently struck Europe.
The Department of Energy continues to work on developing what Patricia Hoffman, acting assistant secretary at the Department of Energy’s Office of Electricity Delivery and Energy Reliability, called “an ecosystem of resilience,’ by developing security standards and improve information sharing between government officials and the companies that operate the grid.
“This is one of the secretary’s top priorities,” Hoffman said.
The the growing presence of automated technology on the power grid is allowing hackers, “to develop more attack path options than ever before,” Andrew Bochman, senior cyber and energy strategist at Idaho National Laboratory, testified.
“Cyber risk futurists, myself included, are experiencing a palpable sense of foreboding,” he said in his testimony.