Lawmakers seek red team testing of vulnerable grid networks

By Iren Moroz shutterstock ID 566799760 

Lawmakers are looking to regulators to support red team testing of energy grid networks for cyber vulnerabilities.

"No one's testing," said Sen. Joe Manchin (D-W. Va.), the ranking member of the Senate Energy and Natural Resources Committee at an Aug. 5 hearing.

"Legacy grid systems were not designed to defend themselves against modern cyberattacks and, as they grow more and more connected to the internet, our electric systems grow more and more vulnerable," Manchin said.

Alexander Gates, senior policy advisor, at the Energy Department's Cybersecurity, Energy Security and Emergency Response (CESER) agency said that government authority to test the security of private utilities "has limitations."

Thomas O'Brien, senior vice president and CIO of energy transport provider PJM Interconnection that moves electricity around 13 states testified that his organization performs "extensive" red teaming and penetration testing of its own networks.

"Red team, hackers for hire -- we need more of it," said Sen. Angus King (I-Maine) King said the Energy Department or the Federal Energy Regulatory Commission (FERC), or both, should have the authorities to perform such tests on networks.

King is also concerned with natural gas pipeline security. Those pipelines, he said, are a crucial part of the energy infrastructure, but are regulated by the Transportation Security Administration. But that agency, as has been documented in oversight reports, does not devote extensive resources to that activity. King suggested that He suggested TSA's current authority over pipelines might be better exercised by FERC. King is not the first lawmaker to make this observation and indeed even officials at FERC have suggested that they should take over the pipeline security function.

"We need a hearing on natural gas pipeline security," said King. "I'm concerned we don't have the same level of standards and testing as we do for the electrical grid."

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at [email protected] or follow him on Twitter at @MRockwell4.


  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    OPM nominee plans focus on telework, IT, retirement

    Kiran Ahuja, a veteran of the Office of Personnel Management, told lawmakers that she thinks that the lack of consistent leadership in the top position at OPM has taken a toll on the ability of the agency to complete longer term IT modernization projects.

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

Stay Connected