The U.S. Department of Energy must do a better job of addressing power grid cybersecurity risks, the U.S. Government Accountability Office said in a report released Tuesday.
The U.S. grid’s distribution system, which carries electricity from transmission systems to consumers and is regulated primarily by states, is increasingly at risk from cyberattacks, said the GAO report, which is the third in a series of four reports on the key areas of cybersecurity the federal government must address address this asap.
“Distribution systems are becoming increasingly vulnerable, in part due to the increasing connectivity of industrial control systems,” the report says. “As a result, threat actors can use multiple techniques to access these systems and potentially disrupt operations.”;
Because of this, it says, threat actors can use multiple techniques to access these systems and potentially disrupt operations.
The report says the Energy Department agreed to a March 2021 GAO recommendation that it coordinate with the Department of Homeland Security, states and industry to more fully address this risk, but had not done so by December 2022.
Other cyber security risks that require more attention, according to the report, are primary schools, the communications sector and oil and gas infrastructure.
It also says the Departments of Homeland Security and Justice should improve interagency coordination against ransomware threats and DHS’s Cybersecurity and Infrastructure Agency is needed to engage stakeholders and document strategies and goals.