The specter of an attack in the United States that could black out power in a region is increasingly a concern, experts say, because the nation’s aging electric grid is more susceptible than ever to terrorism.
For years, utilities that provide the U.S. with electricity have been the focus of security concerns, but the call to action has been increasing. In 2014, there were 79 hacking incidents at energy companies.
There are about 55,000 substations in the U.S. with about 30 of them playing a critical role in the nation’s grid operations. NSA Director Admiral Michael Rogers recently told a congressional committee that a successful attack could come at any time and it could cost the U.S. hundreds of billions of dollars.
“The cyber challenges we’re talking about are not theoretical. This is something real that is impacting our nation and those of our allies and friends every day,” says Rogers.
Preparations have already begun to adopt new cybersecurity standards for the energy industry. American Electric Power is one of the largest electric utilities in the U.S. delivering electricity to more than 5 million customers in 11 states, including a utility unit called AEP-SWEPCO in Arkansas, Louisiana and East Texas. The company’s cybersecurity center in Columbus, Ohio, allows it to monitor in real-time what is happening on its grid.
While two years ago, cybersecurity was not even a top ten issue for utilities, it’s now rated as the fourth highest issue for industry leaders. Even though energy executives are aware of the hazard, many of them of have not taken action. A recent consultant agency report showed more than 48% of utility companies say they do not have cybersecurity at their facilities.
Meanwhile, Rogers says no one sector or organization will be able to solve this issue. “It is going to take a true partnership between the private sector, the government and academia to address the true challenges we have,” Rogers explains.
Cyber attacks have already struck some of the U.S. government’s most sensitive systems. Earlier this year, Pacific Gas and Electric (PG&E) announced that the utility company plans to spend $100 million over the next three years to enhance security in critical facilities.