As institutional and commercial facilities ramp up their efforts to protect IT systems and valuable data by combating cyberattacks and hacks, one key element of the facilities infrastructure has moved squarely into the crosshairs of attackers.
The U.S. electrical grid's distribution systems are increasingly vulnerable to cyberthreats, and the U.S Department of Energy (DOE) needs to do more to protect this critical infrastructure, according to a General Accounting Office (GAO) audit reported by GovInfo Security. The GAO recommends that the DOE incorporate the grid's distribution systems into its cybersecurity strategy that already includes the generation and transmission systems.
The GAO says a coordinated attack on distribution systems could cause outages in multiple areas even if it did not disrupt the bulk power system, according to officials from one national laboratory.
The grid's distribution systems increasingly are connected to the internet through business networks and remote access tools, making them more susceptible to cyberthreats, according to the GAO, adding that threat actors can use multiple techniques to potentially disrupt operations. These distribution systems are not subject to mandatory federal security standards.
Dan Hounsell is editor of Facility Maintenance Decisions.
