Utility security a concern

Protecting the nationwide utility system from attack is critically important for national security. Without the power that runs our homes, businesses and systems, we would be quite vulnerable to an enemy. Today, some are asking questions about how vulnerable our electric grid.

An article in today’s Wall Street Journal suggests that security holes in the computer networks that utility firms use to control the nation’s electricity distribution system could “allow intruders to redirect power delivery and steal data.”

The source for the story is the federal government’s Energy Department, which watches over things like that. Too often, we tend to leave certain concerns–like security for a grid we only control a very small portion of–to state or federal regulators, but there is a lot every electric utility can do to protect its part of the grid and mitigate these risks.

At a minimun you should change the defalt passwords in all the systems. It is not really that difficult. You can use something simple but that is also company or location specific for a password. Make sure it’s not something that would be obvious to anyone that knows your type of system. This is an easy fix that will solve most problems, but it is true that few firms are managing their computer passwords effectively.

I would think attacks are more likely to come from over loading the computer systems with queries or requests of a “low tech nature” that are so numerous that the systems become overloaded and cannot function as programmed, similar to blasting someone with so many emails that their desired emails do not get through. This may call for some IT support to help set up a roles and permission system that will pass through only queries or requests from authorized system users.

People say you should think globally but act locally. They may be right in this case. If every company pays heed to these concerns locally, our national energy infrastructure, as a whole, will be much safer.