3rd Party Risk Management , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime
Executive Order's Focus: Protecting Power Grid Supply Chain
Trump Bans Use of Foreign Equipment That Poses 'National Security Threat'Declaring that threats to the United States’ power grid are a national emergency, President Donald Trump is taking steps designed to help defend the grid from foreign interference by focusing on the supply chain.
See Also: SIEM Wishlist: Top 5 Reasons Security Teams Can’t Wait to Upgrade
In an executive order issued Friday, the president banned the use of certain equipment for the power grid that’s manufactured by a company under the control of a foreign adversary, or the buying of any equipment that poses a national security threat.
The order doesn’t name any countries or companies. But it notes that the term "foreign adversary" means "any foreign government or foreign non-government person engaged in a long-term pattern or serious instances of conduct significantly adverse to the national security of the United States or its allies or the security and safety of United States persons."
Back in 2018, the U.S. Cybersecurity and Infrastructure Security Agency warned about threats to the grid from Russia-sponsored hackers.
Cybersecurity Concerns
Trump's executive order cites concerns about nation-state hackers attempting to insert vulnerabilities into the equipment they sell to U.S. electrical and power firms or exploiting flaws in that gear as part of an attack.
"The bulk-power system is a target of those seeking to commit malicious acts against the United States and its people, including malicious cyber activities, because a successful attack on our bulk-power system would present significant risks to our economy, human health and safety, and would render the United States less capable of acting in defense of itself and its allies," the executive order states.
The president’s order also authorizes the Energy secretary to identify foreign-made equipment that is already installed in various power and electrical utilities and develop recommendations to monitor and eventually replace that gear.
In addition, the order calls for creation of a task force to coordinate how the federal government buys power and electrical infrastructure equipment and share risk management practices and information about these procurements to help create better intelligence and security plans.
More Action Needed
While the president’s executive order will help to secure the power grid supply chain, more needs to be done to get power companies to improve their own security, says Tom Kellermann, the head of cybersecurity strategy at VMware. He served as a cybersecurity adviser to the Obama administration.
"It represents a step in the right direction to secure the supply chain,” he says. “However, the executive order must direct the sector to improve their cybersecurity immediately as it is inadequately protected from cyberattacks," Kellermann tells Information Security Media Group.
The president’s order comes more than 13 months after reports surfaced that unidentified intruders probed weaknesses in the network firewalls of a U.S. power utility to attempt a distributed denial-of-service attack, causing a brief communication disruption between remote sites and the utility's main control center (see: Hackers Attempted DDoS Attack Against Utility: Report)
Congressional Action
Congress is also paying closer attention to vulnerabilities in the U.S. power grid. In 2019, the Senate and House included a provision called the Securing Energy Infrastructure Act into the 2020 National Defense Authorization Act, which Trump signed into law. The measure includes a two-year pilot program within the U.S. Energy Department's National Laboratory to identify vulnerabilities within the grid (see: Electrical Grid Cybersecurity Measure Advances)
Security researchers have also noted an increase in activity by some threat groups to gather intelligence and conduct reconnaissance of the U.S. power grid as well as other countries' grid infrastructure. Actual attacks against power and electric utilities, however, remain relatively rare (see: Hackers Increasingly Probe North American Power Grid)
Regulators’ Reactions
In a statement, the U.S. Department of Energy welcomed the executive order.
"This executive order will greatly diminish the ability of foreign adversaries to target our critical electric infrastructure," Energy Secretary Dan Brouillette says.
It is imperative our bulk-power system remains secure from exploitation and foreign threats. This Executive Order will lessen the ability of foreign adversaries to target our electrical grid.
— Dan Brouillette (@SecBrouillette) May 1, 2020
On Twitter, Neil Chatterjee, the chairman of the Federal Energy Regulatory Commission, which regulates the interstate transmission of electricity, called Trump’s order a necessary step that will enhance the security of the U.S. power grid.