GAO warns on cyber risks to power grid

By Iren Moroz shutterstock ID 566799760 

Optional caption goes here. Optional caption goes here. Optional caption goes here. Optional caption goes here.

The country's electrical systems are increasingly susceptible to cyberattacks, according to government auditors, and there is uncertainty about the extent to which a localized attack might cascade through power distribution systems.

A new report from the Government Accountability Office examines the vulnerabilities of electricity grid distribution systems, how some states and industry actions have hardened those systems and the extent to which the Department of Energy has addressed risks by implementing the national cybersecurity strategy.

Government and industry officials told GAO that a cyberattack on a grid distribution system would likely have localized effects, but a coordinated attack could have widespread consequences. However, the officials conceded that assumption is based on their professional experience, GAO noted, and none of them were aware of an assessment that confirmed their claims.

"Moreover, three federal and national laboratory officials told us that even if a cyberattack on the grid's distribution systems was localized, such an attack could still have significant national consequences, depending on the specific distribution systems that were targeted and the severity of the attack's effects," according to the report.

In 2019, GAO assessed the Department of Energy's efforts to implement the energy portion of the national cybersecurity strategy and found it lacking. The new report states DOE officials intend to update their plans as a result of GAO's findings, but they will not change the extent to which they focus on distribution systems. The officials said an attack on the bulk power system -- larger interconnected electrical systems made up of generation and transmission facilities -- poses a greater threat.

"Officials said a cyberattack on the bulk power system would likely affect large groups of people very quickly, and the impact of a cyberattack on distribution systems would likely be less significant," according to the report.

Patricia Hoffman, a senior official at DOE's primary cybersecurity office, concurred with GAO's recommendation that the energy secretary should work with the Department of Homeland Security and industry to address risks to distribution systems. Hoffman cited two congressionally directed efforts DOE is engaged in to do as much.

About the Author

Justin Katz is a former staff writer at FCW.


  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected