A bill to bring in the U.S.’s national laboratories to study ways to protect the electrical grid from cyberattacks passed the Senate last week.
The Securing Energy Infrastructure Act was sponsored by U.S. Sen. Angus King, a Maine independent who caucuses with the Democrats, and its co-sponsors included Sens. Jim Risch and Mike Crapo, R-Idaho. It passed a week ago after being added to a $750 billion defense funding bill that passed the Senate overwhelmingly.
The bill passed the Senate unanimously in December 2018 but didn’t get through the House before the start of the next Congress. This time Reps. Dutch Ruppersberger, D-Md., and John Carter, R-Texas, plan to introduce a companion House bill, King said in a news release.
“As our world grows more and more connected, we have before us both new opportunities and new threats,” King said. “Our connectivity is a strength that, if left unprotected, can be exploited as a weakness. This bill takes vital steps to improve our defenses, so the energy grid that powers our lives is not open to devastating attacks launched from across the globe. It’s bipartisan, it’s commonsense, and it’s necessary — I’m glad that the Senate has advanced this important legislation.”
The bill would establish a two-year pilot program with the national laboratories to study security vulnerabilities and research and test technology to isolate the most critical systems from cyberattacks. It would focus on segments of the energy sector where a cybersecurity incident “could result in catastrophic regional or national effects on public health or safety, economic security, or national security,” according to King’s office. A working group consisting of representatives of federal agencies, the energy industry, state and regional energy agencies, national laboratories and other stakeholders would evaluate the proposed solutions.
“The increasing complexity of our digital systems has resulted in significant weaknesses and vulnerabilities that need to be addressed,” Risch said in January when he and King introduced the bill. “The Idaho National Lab has the unique assets and expertise needed to drive the innovations to better protect our country from cyberattacks and we are fortunate to have their leadership on this critical issue.”
Cybersecurity research and looking into ways to protect American utilities from attack is a major aspect of Idaho National Laboratory’s work. Just last month, INL researchers released some new software to help utility owners prepare for cyberattacks, the Structured Threat Intelligence Graph software. The lab also announced a new effort, the INL Resilience Optimization Center, to help government entities prepare for both natural disasters and human-caused incidents such as cyberattacks. The Cybercore Integration Center that is being built at INL’s Idaho Falls campus now also will focus on cybersecurity research and education.
The bill was partially inspired by a cyberattack in the Ukraine in 2015 that left more than 225,000 people without power. One possibility that would be studied under the bill is using older technology that can’t be hacked to isolate the most important control systems in America’s electrical grid.