A Government Accountability Office report found the U.S. electrical grid's distribution systems to be at an increased risk for cyberattacks, "in part due to the introduction of and reliance on monitoring and control technologies," according to The Hill.
The scale of potential impacts from such attacks is not well understood, GAO noted, adding that the Department of Energy's cybersecurity strategy does not adequately address the risks faced by distribution networks that are related to supply chains.
The report further notes that a cyberattack could affect the whole country depending on the affected distribution network, such as causing "outages in multiple areas even if it did not disrupt the bulk power system, according to officials from one national laboratory."
The GAO report urges the DOE secretary to coordinate with the Department of Homeland Security, state officials and industry stakeholders in order to devise a plan on how to prevent distribution system risks.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
Volt Typhoon and other Chinese cyberespionage operations were noted by FBI Director Christopher Wray to be already gearing up for far-reaching disruptive intrusions against U.S. critical infrastructure by 2027 should the U.S. interfere with China's conflict with Taiwan, according to CyberScoop.
Threat actors could potentially launch a software supply chain attack by exploiting a dependency confusion flaw impacting the archived Apache Cordova App Harness project, which had been discontinued five years ago, reports The Hacker News.