(Adds comments from cybersecurity hearing)
By Alina Selyukh and Jim Finkle
WASHINGTON/BOSTON May 21 Several power utilities
say they face a barrage of cyber attacks on their critical
systems, a report by two Democratic lawmakers found echoing
warnings from the Obama administration that foreign hackers were
trying to bring down the U.S. power grid.
California Representative Henry Waxman released the report,
co-authored with Massachusetts Representative Ed Markey, at the
House Energy and Commerce Committee's cybersecurity hearing on
The pair asked some 160 utilities to describe their
experiences fighting cyber attacks over the past five years. In
response, more than a dozen said they experienced daily,
constant or frequent attempted cyber attacks, according to a
35-page report summarizing their responses.
(To read the report, see r.reuters.com/sej38t)
But utilities termed the report as overblown, saying their
systems were adequately protected through mandatory standards
set by the North American Electric Reliability Corp (NERC) that
ensure separation of control systems and consumer-facing or
"The majority of those attacks, while large in number, are
the same attacks that every business receives" through
web-connected networks, Arkansas Electric Cooperative
Corporation Chief Executive Duane Highley told the hearing.
"Those are very routine kinds of attacks and we know very
well how to protect against those...Our control systems are not
vulnerable to attack," he told Reuters after the hearing, saying
current NERC standards make it illegal to interconnect the
public-facing networks and the control centers.
But many lawmakers echoed some senior White House officials
in expressing fear that while they do not know of any successful
attack on the power grid, hackers may have that ability.
Senior Obama administration officials began warning late
last year that foreign enemies are looking to sabotage the U.S.
power grid, air traffic control systems, financial institutions
and other infrastructure.
Last week, NERC Chief Executive Officer Gerry Cauley told
the Reuters Cybersecurity Summit that there has never been a
destructive cyber attack on the grid, mostly probes and spying
malicious software and that he worried more about physical
attacks on the power grid than cyber ones.
Tuesday's report cited an unidentified Northeastern power
provider as saying it was under constant attack from cyber
criminals as well as activist groups who have been targeting
firms in the energy sector over the past few years.
A power provider from the Midwest said it experienced daily
probes of its systems: "Much of this activity is automated and
dynamic in nature, able to adapt to what is discovered during
its probing process," the company said.
Markey is running for U.S. Senate in Massachusetts against
Republican Gabriel Gomez, seeking the seat vacated by John
Kerry, now U.S. Secretary of State.
This year, the House has also passed a cybersecurity bill
meant to ease the sharing of data between the government and the
private sector, despite the threat of veto by President Barack
Obama over privacy concerns. The Senate is working on its own
version of the bill.
Highley welcomed the work toward an industry-led solution
and better communication with the government, but pleaded with
the legislators that "NERC has it covered. Please don't mess
"We're all about reliability. We don't want to have lights
going out anymore than anybody else does," he told Reuters.
(Reporting by Jim Finkle in Boston and Alina Selyukh in
Washington; Editing by Ros Krasny, Phil Berlowitz and Leslie