2018 Energy Department Report on Assessment of Electricity Disruption Incident Response Capabilities, Cybersecurity of Federal Networks and Critical Infrastructure, Cyber Attack Threats and Impacts

This excellent report has been professionally converted for accurate flowing-text e-book format reproduction.

Electricity is critical to every aspect of modern life. The United States' national security, economy, and public health and safety rely on the North American electric grid every second of the day. (The terms 'electric grid', 'the grid', and 'electricity system' are used interchangeably throughout this report.) These, and many other functions powered by the grid have likely experienced local outages caused by weather, accidents, or sometimes from tree branches falling on power lines. Larger power outages, however, are infrequent occurrences, due in part to an array of organizations that work tirelessly to ensure the grid remains reliable, resilient, and secure. Nonetheless, it is neither practical nor possible to prevent all disruptive events. Grid owners and operators balance risk, investment, and cost to customers when making investments in their systems.

Cybersecurity of the U.S. electric grid has emerged as one of the most important issues facing the electricity subsector today. There are key trends that are increasing the risk of significant cyber incidents. (Presidential Policy Directive 41 defines a significant cyber incident as a cyber incident that is (or group of related cyber incidents) likely to result in demonstrable harm to the national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people.) On one hand, utilities and grid operators are adopting new technologies that leverage ever-expanding amounts of data and automated control capabilities to manage the grid more efficiently and reliably. On the other hand, cyber threat actors are becoming more knowledgeable about how to exploit various aspects of the grid infrastructure, including pathways through these new technologies, to achieve their malicious objectives.

Contents * Executive Summary * Scope and Duration of a Significant Cyber Incident * U.S. Readiness to Manage Consequences * Gap in Assets and Capabilities * 1.0 Electric Sector Operations, Reliability, and Cybersecurity * 1.1 An Array of Organizations Work to Provide Electricity * 1.2 The Electric Grid Remains Reliable * 1.3 Trends in Cybersecurity Affecting the Electric Grid * 2.0 Scope and Duration of a Prolonged Power Outage from a Significant Cyber Incident * 2.1 Recent DOE Analysis of Potential Cyber Incident Scenarios * 2.2 Historical Electric Grid Impacts from All Hazards * 2.3 A Significant Cyber Incident May Complicate Response and Restoration * 2.4 Assessing the Impacts to the United States' National Security, Economy, and Public Health and Safety * 2.4.1 Assessing Impacts to National Security * 2.4.2 Assessing Impacts to the Economy * 2.4.3 Assessing Impacts to Public Health and Safety * 3.0 U.S. Readiness to Manage Consequences * 3.1 Planning * 3.1.1 National Preparedness System * 3.1.2 National Cybersecurity Incident Response Plan * 3.1.3 National Infrastructure Protection Plan * 3.2 Information Sharing * 3.3 Cyber Incident Response * 3.3.1 Stakeholder Capabilities * 3.4 Training and Exercises * 3.5 Authorities that Enable Response and Recovery * 3.6 Conclusions * 4.0 Gap in Assets and Capabilities * 4.1 Cyber Situational Awareness and Incident Impact Analysis * 4.2 Roles and Responsibilities under Cyber Response Frameworks * 4.3 Cybersecurity Integration into State Energy Assurance Planning * 4.4 Electric Cybersecurity Workforce and Expertise * 4.5 Supply Chain and Trusted Partners * 4.6 Public-Private Cybersecurity Information Sharing * 4.7 Resources for National Cybersecurity Preparedness