{"title":"Cybersecurity in the energy sector: are we really prepared?","authors":"Don C. Smith","doi":"10.1080/02646811.2021.1943935","DOIUrl":null,"url":null,"abstract":"US Energy Secretary Jennifer Granholmmade an astounding – but sadly not surprising – admission in early June 2021. When asked whether US adversaries have the capability of interrupting the electricity grid she simply answered, ‘Yes they do’, adding ‘I think there are very malign actors who are trying. Even as we speak, there are thousands of attacks on all aspects of the energy sector and the private sector, generally’. Granholm’s words were astounding because the US government has known for years that cyberattacks on key infrastructure were going on. And yet they were not surprising because obviously not enough has been done to protect against such attacks. Almost exactly three years ago, a journal editorial raised the matter of prioritising cybersecurity in the energy sector. As the editorial pointed out, ‘[T]he US electricity grid, which has been referred to as the “largest interconnected machine” in the world, consists of “more than 7,000 power plants, 55,000 substations, 160,000 miles of highvoltage transmission lines and millions of miles of low-voltage distribution lines”’. While it is true that the system has not yet suffered a catastrophic attack, Granholm’s words are hardly comforting. Organisations around the world are also concerned about this issue. For example, in the World Economic Forum’s Global Risk Report 2020, cyberattacks on critical infrastructure including the energy system were rated the fifth top risk. And the International Energy Agency has said that for electricity systems in particular, ‘the threat of cyberattack is substantial and growing, and threat actors are becoming increasingly sophisticated at carrying out attacks – both in their destructive capabilities and their ability to identify vulnerabilities’. Moreover, earlier this year Reji Kumar Pillai, head of an Indian think tank that advises utilities, regulators and government on energy issues, said, ‘India’s power system is in urgent need of proper cybersecurity systems. Both the state and the central governments need to treat this with utmost urgency, without waiting for a disaster to happen’.","PeriodicalId":51867,"journal":{"name":"Journal of Energy & Natural Resources Law","volume":null,"pages":null},"PeriodicalIF":1.6000,"publicationDate":"2021-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Energy & Natural Resources Law","FirstCategoryId":"90","ListUrlMain":"https://doi.org/10.1080/02646811.2021.1943935","RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"ENVIRONMENTAL STUDIES","Score":null,"Total":0}
引用次数: 5
Abstract
US Energy Secretary Jennifer Granholmmade an astounding – but sadly not surprising – admission in early June 2021. When asked whether US adversaries have the capability of interrupting the electricity grid she simply answered, ‘Yes they do’, adding ‘I think there are very malign actors who are trying. Even as we speak, there are thousands of attacks on all aspects of the energy sector and the private sector, generally’. Granholm’s words were astounding because the US government has known for years that cyberattacks on key infrastructure were going on. And yet they were not surprising because obviously not enough has been done to protect against such attacks. Almost exactly three years ago, a journal editorial raised the matter of prioritising cybersecurity in the energy sector. As the editorial pointed out, ‘[T]he US electricity grid, which has been referred to as the “largest interconnected machine” in the world, consists of “more than 7,000 power plants, 55,000 substations, 160,000 miles of highvoltage transmission lines and millions of miles of low-voltage distribution lines”’. While it is true that the system has not yet suffered a catastrophic attack, Granholm’s words are hardly comforting. Organisations around the world are also concerned about this issue. For example, in the World Economic Forum’s Global Risk Report 2020, cyberattacks on critical infrastructure including the energy system were rated the fifth top risk. And the International Energy Agency has said that for electricity systems in particular, ‘the threat of cyberattack is substantial and growing, and threat actors are becoming increasingly sophisticated at carrying out attacks – both in their destructive capabilities and their ability to identify vulnerabilities’. Moreover, earlier this year Reji Kumar Pillai, head of an Indian think tank that advises utilities, regulators and government on energy issues, said, ‘India’s power system is in urgent need of proper cybersecurity systems. Both the state and the central governments need to treat this with utmost urgency, without waiting for a disaster to happen’.
美国能源部长詹妮弗·格兰霍尔姆在2021年6月初做出了令人震惊的承认,但遗憾的是,这并不令人意外。当被问及美国的对手是否有能力中断电网时,她简单地回答说,“是的,他们有”,并补充说,“我认为有非常恶意的行为者正在尝试。”就在我们说话的时候,能源部门和私营部门的各个方面都受到了成千上万的攻击。”格兰霍姆的话令人震惊,因为美国政府多年来一直知道,对关键基础设施的网络攻击正在发生。然而,这并不令人惊讶,因为显然在防范此类袭击方面做得还不够。几乎就在三年前,一篇期刊社论提出了在能源领域优先考虑网络安全的问题。这篇社论指出,美国电网被称为世界上“最大的互联机器”,由“7000多座发电厂、5.5万个变电站、16万英里的高压输电线路和数百万英里的低压配电线路”组成。虽然这个系统确实还没有遭受灾难性的攻击,但格兰霍姆的话很难让人感到安慰。世界各地的组织也在关注这个问题。例如,在世界经济论坛的《2020年全球风险报告》中,对包括能源系统在内的关键基础设施的网络攻击被评为第五大风险。国际能源署(International Energy Agency)表示,特别是对电力系统而言,“网络攻击的威胁是巨大的,而且还在不断增长,威胁行为者在实施攻击方面变得越来越老练——无论是在破坏能力方面,还是在识别漏洞的能力方面。”此外,今年早些时候,印度一家智库的负责人皮莱(Reji Kumar Pillai)说,印度的电力系统迫切需要适当的网络安全系统。皮莱在能源问题上为公用事业、监管机构和政府提供咨询。邦政府和中央政府都需要以最紧迫的方式处理此事,而不是等待灾难发生。”
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
