The Wall Street Journal is reporting that National Security agency chief Gen. Keith Alexander has briefed the White House on potential threats to the nation's power grid network by hacktivist groups such as Anonymous.
The Journal states that "the group has never listed a power blackout as a goal, but some federal officials believe Anonymous is headed in a more disruptive direction. An attack on a network would be consistent with recent public claims and threats by the group."
One of the main challenges in protecting these networks is the fact that these systems were not necessarily designed with cybersecurity in mind. Rather, the security solutions have been layered on in a piecemeal fashion after the networks were operational, leaving ample room for attackers to compromise their functionality.
In the fall of 2011, Pike Research released a report examining the state of utility cyber security. The report concluded that although a great deal of attention has shifted to protecting systems that govern infrastructure, utilities have a long way to go in protecting critical networks.
"Utility cyber security is in a state of near chaos. After years of vendors selling point solutions, utilities investing in compliance minimums rather than full security, and attackers having nearly free rein, the attackers clearly have the upper hand. Many attacks simply cannot be defended," the researchers stated.
However, the Journal goes on to report that utility officials believe the threat of a catastrophic event is in highly unlikely, and that current security precautions are effective in defeating attacks on a daily basis.
"Grid officials said their systems face regular attacks, and they devote tremendous resources to repelling invaders, whether from Anonymous or some other source. 'The industry is engaged and stepping up widely to respond to emerging cyber threats; said one electric-industry official. 'There is a recognition that there are groups out there like Anonymous, and we are concerned, as are other sectors.' Another industry official noted that the electric grid has a number of backup systems that allow utilities to restore power quickly if it is taken out by a cyberattack or other event."
While widespread vulnerabilities may persist in systems governing critical infrastructure, the government maintains that actual threat levels are not as pronounced as some would lead the public to believe.
"Intelligence officials believe that, for now, the cyber threat to the power grid is relatively limited. The countries that could most quickly develop and use cyber means to destroy part of the grid — such as China and Russia — have little incentive to do it. Those who might have more incentive, like Iran or North Korea, don't have the capability," the Journal reported.