Cybersecurity

What should the military do when the lights go out?

Shutterstock image (by gyn9037): High voltage towers, electricity infrastructure. 

A House bill would direct a cross-department effort to examine how a cyberattack on the nation's electric grid would affect military readiness.

The Securing the Electric Grid to Protect Military Readiness Act of 2017, introduced by Rep. Jacky Rosen (D-Nev.) on Sept. 27, directs the secretaries of defense, energy and homeland security as well as the director of national intelligence, to deliver a report to Congress within 90 days that would identify significant cybersecurity risks to defense critical electric infrastructure, assess how the readiness of the armed forces would be affected by a cyber attack, weigh the pros and the cons of isolating military infrastructure from the national electric grid and make recommendations to Congress about how best to eliminate or mitigate those risks.

"We must take every step necessary to modernize our electric power grid and protect our military assets from malicious cyber-attacks," said Rosen in a statement.

The measure is looking to explore the impact of multiple threats, including significant efforts to degrade or disrupt technology systems or networks, data theft, malware, distributed denial-of-service attacks, industrial espionage and influence operations.

A Senate version of the legislation was offered on Sept. 12 by Sens. Elizabeth Warren (D-Mass.) and Thom Tillis (R-N.C.). Separately, Sen. Angus King (I-Maine) introduced the Securing Energy Infrastructure Act of 2017, which would establish a working group to develop a national cyber strategy for protecting the electrical grid along with a two-year pilot program within the Department of Energy to identify and combat cybersecurity vulnerabilities in the energy sector. That bill was eventually inserted into the Senate's 2018 Intelligence Authorization bill, which has been introduced but has not yet received a vote.

Before leaving office, the Obama administration released an action plan in December 2016 on securing the electric grid with a host of recommendations, including building increased resilience measures into the grid network, better coordination with nations like Canada who share electrical resources, establish a grid monitoring system and a better trained workforce.

The Trump administration followed that up with an Executive Order in May 2017 directing the Secretaries of Energy and Homeland Security and the Director of National Intelligence to assess the implications of a "prolonged power outage associated with a significant cyber incident" and how the nation might respond to an attack.

Publicly-known instances of attacks on the nation's power grid by malicious actors are exceedingly rare. A website started in 2013 by an anonymous information security researcher called Cybersquirrel1 tracks and categorizes all public, unclassified instances of disruption and damage to power grids around the world. Out of the 2,111 attacks listed worldwide on the site, just three were later determined to be caused by nation-state actors. The remaining 2,108 disruptions were caused by squirrels, birds, snakes, jellyfish and other animals.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.