Cybersecurity and the North American Electric Grid: New Policy Approaches to Address an Evolving Threat. A Report from the Co-chairs of the Bipartisan Policy Center’s Electric Grid Cybersecurity Initiative, February 2014.
“Protecting the nation’s electricity grid from cyber attacks is a critical national security issue. Evidence collected by the U.S. Department of Homeland Security (DHS) suggests that cyber attacks on key energy infrastructure—and on the electricity system in particular—are increasing, both in frequency and sophistication. These trends are alarming because the potential consequences of a successful large-scale cyber attack—or combined cyber and physical attack—on the electric power sector are difficult to overstate. As previous grid failures, including the multiday Northeast blackout of 2003, have shown, any event that causes prolonged power outages over a large area would not only be extremely costly, it would wreak havoc on millions of people’s daily lives and could profoundly disrupt the delivery of essential services, including communications, food, water, health care, and emergency response. Moreover, cyber threats, unlike traditional threats to electric grid reliability such as extreme weather, are less predictable in their timing and more difficult to anticipate and address. A cyber attack could come from many sources and—given the size and complexity of the North American electric grid—could target many potential vulnerabilities. For this reason, experts agree that the risk of a successful attack is significant, and that the system and its operators must be prepared to contain and minimize the consequences.”