The US electrical grid remains vulnerable to cyberattacks despite years of warnings, US lawmakers have said.
The electric industry has "pushed" against federal cybersecurity standards and some utilities appear to be avoiding industry self-regulatory efforts by declining to designate their facilities or equipment as critical assets that need special protection, it was said.
That is according to Representative Yvette Clarke, a New York Democrat and chairwoman of the US House Homeland Security Committee's Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology.
"This effort seems to epitomise the head-in-the-sand mentality that seems to permeate broad sections of the electric industry," Clarke said.
The US electric grid is an "obvious target" for enemies of the nation, and a major outage would affect all aspects of everyday life, Clarke said during a Tuesday hearing. "We simply cannot afford to lose broad sections of our grid for days, weeks or months," she said.
Despite years of warnings from lawmakers, electric utilities' efforts to secure themselves against cyber or electromagnetic pulse, or EMP, attacks seem to be lagging, Clarke added. During a three-year subcommittee review of electrical grid security, committee members and staff talked to hundreds of experts and read thousands of pages of studies, she said.
"They all reached one conclusion: The electric industry has failed to appropriately protect against the threats we face in the 21st century," Clarke said.
While the hearing mostly focused on cybersecurity, lawmakers also talked about the threat of an EMP attack on the US. An EMP is a burst of electromagnetic radiation, usually from a nuclear explosion.
While such an attack may be unlikely, an EMP attack could shut down the electricity grid over a wide area and bring the US to a standstill, some lawmakers said.
Find your next job with computerworld UK jobs