How would Trump or Biden deal with grid hacking threats?


How would Trump or Biden deal with grid hacking threats?

Christian Vasquez, E&E News reporter

Published: Tuesday, November 3, 2020

President Trump and Democratic presidential nominee Joe Biden have a few competing plans for the nation’s cybersecurity — though experts say they largely expect the next U.S. president to stay the course. Graphic by E&E News/Jason Goulding/Flickr(photo)

The next U.S. president will face a growing number of grid cybersecurity threats as new energy technologies emerge and attacks on critical infrastructure become more common. But experts are questioning whether President Trump or Democratic nominee Joe Biden will prioritize a thorny issue that tends to stay out of the limelight until hackers strike.

“I think the incoming administration is very much aware of the threat,” retired NATO Supreme Allied Commander Gen. Wesley Clark said in an interview. “But is it something that we can push front and center? That’s the question.”

Clark pointed out that “we’re dealing with the most complex engineering, human system ever devised: the U.S. electricity grid.”

“Even simple problems can hide in so many different places and give access to this grid, which could be attacked, disrupted or disabled” by cyberthreats, he added.

Hackers are no longer shying away from attacking critical infrastructure: Last Wednesday, the Department of Homeland Security’s cyber office and the FBI warned of “ransomware” cyberattacks against the health sector with several hospitals already affected. The alert raised the specter of potentially deadly ransomware attacks by hackers who have historically held off from targeting U.S. health care providers, which are already facing strained resources during the coronavirus pandemic.

The U.S. electric grid is also threatened. Hackers backed by nations like Iran and Russia have continued to probe the power grid, and utilities have reported steadily increasing numbers of attempted cyber intrusions over the years.

The Trump administration has ramped up a “name and shame” strategy that calls out state-backed hackers allegedly behind some of the most egregious cyberattacks in recent history. Some experts have criticized the approach as an ineffective deterrent, while others suggest there aren’t many alternatives besides economic sanctions or working with allies to set international norms of behavior in cyberspace (Energywire, Oct. 20).

Biden, meanwhile, has championed a plan to accelerate adoption of clean energy and reach a carbon-free grid by 2035. That would require an energy sector overhaul, and cybersecurity experts worry that adding new technologies to the grid without building in security can introduce vulnerabilities. That’s particularly true with distributed electricity resources like solar panels and electric vehicles, which often depend on internet-facing devices. But some say Biden’s plans for the electricity sector could also open the door to additional security measures.

“The Biden campaign has certainly talked about a large infrastructure spend for clean energy technology: building out EV charging stations, decarbonizing the grid,” said Casey Herman, U.S. power and utilities leader for PwC. “Anytime there’s an opportunity now to modernize the grid, cybersecurity protection will be built into it.”

Representatives from the Trump and Biden campaigns did not respond to requests for comment.

Cybersecurity is often trumpeted as a nonpartisan issue, and there is little political disagreement that critical infrastructure should be protected from hackers.

But there are some fault lines, particularly when it comes to foreign affairs. The past four years have seen a dramatic increase in tensions between China and the U.S., and Trump’s trade war with Beijing could provoke retaliation in cyberspace, experts warn.

Both Trump and Biden have accused China of state-sponsored efforts to steal U.S. intellectual property. Biden has his own experience in combating Beijing’s hacking attempts: As vice president under Obama, Biden was closely involved with an intelligence community push to halt IP theft.

“The broader issue is how do you look at the geopolitical landscape? What changes from a political tension perspective in one administration versus another?” said Joe Nocera, cyber and privacy innovation institute leader at PwC. “Does that cause one of the nation-state actors to be more or less aggressive as a result? That’s the thing I would be watching.”

Executive action

A few Trump administration cyber policy changes have fallen flat or been met with skepticism in his first term, including a May 1 executive order aimed at securing the grid supply chain from backdoor cybersecurity threats. Trump directed the Energy Department to draft a ban on high-risk, foreign-made grid equipment, but the agency has missed deadlines and diluted its planned response (Energywire, Oct. 13). The order also faced industry criticism: The proposed changes took electricity leaders by surprise, and the order’s vagueness forced much of the sector to wait and see.

Top Trump officials have also not yet acted on many recommendations from the bipartisan, congressionally mandated Cyberspace Solarium Commission, which issued a report this spring with nearly 80 cybersecurity action items, including calls for the White House to create a national cyber director role.

The solarium report could offer something of a cyber road map for a potential Biden administration. But Trump could still act on its findings as well.

“Regardless of the election, the administration is changing. A second-term Trump is way different than a first-term Trump,” said Robert M. Lee, CEO of industrial cybersecurity firm Dragos Inc. and member of DOE’s Electricity Advisory Committee.

The National Commission on Grid Resilience also released a report with grid-focused cybersecurity recommendations for the incoming administration.

“Grid integrity is an issue that must be a top priority for policymakers, and it can never become a partisan topic,” said former Rep. Darrell Issa (R-Calif.), co-chair of the commission. “Regardless of which party wins the presidential or congressional elections, we must work together to secure any vulnerabilities we have.”

‘Out of time’

The next occupant of the Oval Office will also have to contend with the growing concern that federal regulations alone are not enough to protect utilities from cyberattacks. Grid overseers at the Federal Energy Regulatory Commission released a white paper proposing incentives for cybersecurity investments in the bulk electric system (Greenwire, Aug. 31). The report acknowledged the limits of federal critical infrastructure protection standards that include detailed cybersecurity requirements for utilities. Fast-paced technological developments — and the cyberthreats that accompany that evolution — quickly outpace the development of new standards that can take years to be enacted, the white paper said.

A Biden administration could be more willing to look at additional regulations and take a more expansive view on the government role in protecting critical infrastructure, while the Trump administration is likely to lean toward less regulation with a greater focus on the role of the private sector.

“I think you could have a little bit of both, but you gotta at least do both,” Lee said.

U.S. presidents face a delicate balancing act when pursuing public-private partnerships tied to the power grid, where the overwhelming majority of infrastructure is owned and operated by private companies. Bigger utilities may have the resources to fend off nation-backed hackers, experts say, but smaller power providers rarely have that luxury. Both types of companies have called for boosting federal partnership around threat intelligence sharing, as utilities have warned that keeping too much information classified could leave them out of the loop on the latest threats.

Grid security is not completely reliant on the outcome of the race for the White House, said Clark. The upcoming Congress and the electric industry will have to ensure grid security remains a top concern.

“This is a priority. It may not be as high as other priorities … and that has to be fought out in the budgeting process” in Congress, said Clark. “When the issue of priorities is raised, much will depend upon the electricity industry itself.”

While industry experts have said that there has been significant improvement in grid security in recent years, they also warn that it’s not yet enough. Many of the proposals working their way through Congress and agencies like FERC will take years to pass, and even longer before they are taken up by utilities. For many cybersecurity experts, the industry is running far behind.

“There has definitely been a sense of urgency,” said Dragos’ Lee. “We can debate all day long about energy attacks — we are out of time, we have to do something.”

Twitter: @chrismvasq Email: [email protected]


Article by Christian Vasquez, E&E News reporter.


In Other News…

Pride Month Statement

Pride Month is a time for celebration of LGBTQIA+ communities in commemoration of the Stonewall Uprising of 1969. At AUI, we celebrate an environment that is safe and welcoming to all, and the strength that our diversity brings us.

Cyber Expert Wins FBI Community Leadership Award

Robert R. Wells, special agent in charge of the Charlotte Division of the FBI has chosen a local cyber expert as the 2020 Director’s Community Leadership Award (DCLA) recipient for North Carolina. Torry Crass has been an invaluable partner to the FBI Charlotte field office since 2013.

2021 AUI Scholarship Recipients

Below are the fourteen winners of the 2021 AUI Scholarship conducted by International Scholarship and Tuition Services, Inc. These students will each receive an award of $3,500 per year to aid in defraying expenses at the college or university of their choice.

ITL Development Director: “We are convinced that our proposal is solid and meets all the requirements”

In an interview with Nueva Mining and Energy Magazine, Ricardo Raineri, Director of Development of the Chilean Institute of Clean Technologies (ITL) refers to the criticism that has hovered over Corfo’s decision, arguing that “it is essential to understand and emphasize that our proposal is based on an open platform model ”.

West Virginia Students Contact International Space Station LIVE

Friday, May 7th at 8:00 AM EDT, students in rural West Virginia will experience this once in a lifetime opportunity. Green Bank Elementary-Middle School (GBEMS) will be contacting astronaut Mark Vande Hei on the International Space Station (ISS).

The Universe just Became More Accessible: Free Software for Exploring the Universe Through Sound

Today free software has been released to help the blind and visually impaired (BIV) explore the universe through sound. With the support from the National Science Foundation’s STEM+C program, Innovators Developing Accessible Tools for Astronomy (IDATA) brought together nearly 200 BIV and sighted students, teachers, astronomers and programmers from across the Nation to create this innovative software called Afterglow Access.

Nueva Mineria covers the importance of ICTL’s Open Science model pioneered by AUI

The ICTL is a Chilean clean technology institute that is committed to developing innovations in the mining, power, battery, manufacturing, and related industrial sectors. The Open Science model allows a larger community to access R&D facilities based on the merit of their proposals.

VIDEO: Multi-wavelength Observations Reveal Impact of Black Hole on M87 Galaxy

In 2019, a worldwide collaboration of scientists used a global collection of radio telescopes called the Event Horizon Telescope (EHT) to make the first-ever image of a black hole — the supermassive black hole at the core of the galaxy M87, some 55 million light-years from Earth.

ACEAP Alumna Selected as Astronaut for SpaceX

Sian Procter, a participant in the Astronomy in Chile Educator Ambassadors Program (ACEAP) in 2016, has been selected as an astronaut by SpaceX. The Inspiration4 mission, scheduled to launch sometime after 15 September 2021, will orbit Earth for three days and conduct a variety of experiments.

New Images Reveal Magnetic Structures Near Supermassive Black Hole

The Event Horizon Telescope (EHT) — the worldwide collaboration that produced the first image of a black hole in 2019 — has produced a new image showing details of the magnetic fields in the region closest to the supermassive black hole at the core of the galaxy M87. The new work is providing astronomers with important clues about how powerful jets of material can be produced in that region.

You are now leaving AUI

You will be redirected to the related partnering organization's website.

You will be redirected to
in 4 seconds...

Click the link above to continue or CANCEL