The U.S. electricity grid is dangerously vulnerable to sabotage from hackers, spies and terrorists, despite a seven-year effort to safeguard it from cyber attacks, senators and officials said Tuesday in a hearing, according to The Washington Times.
Senators disagree on the degree of regulation required, but the warning comes as the deadline for them to act of a cyber security bill before August recess starts.
According to Sen. Jeff Bingaman, chairman of the Senate Energy and Natural Resources Committee, the system for setting and enforcing cyber security standards for the national electricity grid is “cumbersome and overly complicated.”
According to the Washington Times, the 2005 Energy Policy Act gave ultimate responsibility for power grid cyber security standards to the Federal Energy Regulatory Commission, but Congress has also recently told the agency to work through a private industry partnership group, the North American Electricity Reliability Council.
According to Sen. Bingaman, the federal agency and the private council have been sparring over the standards ever since.
Security specialists in the Washington Times article say that finding a balance has taken so long because the federal commission does not have the authority to dictate standards to industry. Moreover, there is no system for overseeing industry compliance with the standards, the article says.
Sen. Bingaman also noted that the power industry is the only sector of the U.S. critical infrastructure to have mandatory cyber security standards at all, as there are no similar federal requirements for water or transportation systems.