SCADA Watch: GAO Says TVA Power Plants Vulnerable to Cyber Attacks
Brian Krebs writes in The Washington Post:
The Tennessee Valley Authority (TVA), the nation's largest public power company, is vulnerable to cyber attacks that could sabotage critical systems that provide electricity to more than 8.7 million people, according to a Government Accountability Office report to be released today.More here.
The report [.pdf] was requested by a House Homeland Security panel on cyber security, which is expected to hear testimony today from the Federal Energy Regulatory Commission about gaining additional authority to require electric utilities to implement added cyber-security measures.
The GAO found that TVA's Internet-connected corporate network was linked with systems used to control power production, and that security weaknesses pervasive in the corporate side could be used by attackers to manipulate or destroy vital control systems. As a wholly owned federal corporation, TVA must meet the same computer security standards that govern computer practices and safeguards at federal agencies.
The GAO also warned that computers on TVA's corporate network lacked security software updates and anti-virus protection, and that firewalls and intrusion detection systems on the network were easily bypassed and failed to record suspicious activity.
0 Comments:
Post a Comment
<< Home