Cybersecurity Problems Found in Electrical Infrastructure

Saturday, April 07, 2012

Contributed By:
Joel Harding

How shocking! Once again the private sector, in this case the Bonneville Power Administration, which supplies wholesale electric power to regional utilities in the Pacific Northwest, was found to be non-compliant in a number of areas, according to an article at infosecurity-magazine.com.

To me this smacks of a for-profit utility finding it more expedient to maximize profits before maximizing security for a critical infrastructure. “We the People”, our security, once again, takes a back seat to doing the right thing.

The Department of Energy’s Office of Inspector General was performing an audit and found significant problems with the system. Of course Bonneville Power Administration responded that the report contained “erroneous assertions”.

This points out a number of problems. DOE is in charge of locating and fixing critical infrastructure problems within the energy sector. Do they, in turn, report to DHS if it has to do with critical infrastructure?

Does DHS oversee DOE’s cybersecurity problems, their critical infrastructure problems or…?

Cross-posted from To Inform is to Influence

Share This! |

Views:	6984
Categories:	SCADA
Industries:	Industrial Control Systems
Tags:	SCADA Cyber Security Security Audits Infrastructure DHS National Security DOE ICS Industrial Control Systems

Post Rating I Like this!

Comments:

Kent Norton Would it be possible to keep the socialist comments to your own blog? Clearly, in your opinion, the Public Sector is oh so much more secure than the evil, greedy private sector company. Get real.

1334023996

Joel Harding Socialist? Oh shame... me, the All-American kid, decorated combat veteran, etc...

What I didn't know, when I wrote the article, is that Bonneville is actually a federal agency (believe it or not), they're not a for-profit corporation. My bad.

Sorry, Kent, the "evil, greedy private sector" companies will never budge if there is to be a profit made by not complying unless... *gasp* they are the exception. Where you work might qualify as the exception, but we can cite a lot more in non-compliance for every exception.

1334025625

You Must Register or Login to Comment

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked

Improving Security by Failing Faster

Latest Member Comments

"I thought this article discuss a very important issue of security.If we have well developed technology in one particular field then we ..."

Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013

"ATM machine are for our convenience but if we are not careful they can compromise our safety. Discount theater tickets "

ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013

"A expressive case study is used to explore causation in order to find underlying principles. Case studies may be prospective in which c..."

New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013

"In the social sciences and life sciences a case study or case report is a descriptive or descriptive analysis of a someone, group or ev..."

Case Study: A Cloud Security Assessment... Caitlin Rachel on 05-21-2013