Hydroelectric Dams and ICS Security

A recent report from the office of the U.S. Department of the Interior’s Inspector General indicates that several hydropower dams are vulnerable to internal threats. Specifically, an evaluation was conducted of five hydropower dams operated by the U.S. Bureau of Reclamation (USBR) and categorized as “critical infrastructure.”

The USBR is the second largest hydroelectric power producer in the United States, with its plants serving over 3.5 million homes. Acknowledging their breadth of service, cyber threats directed at them could cause wide-reaching effects. In particular, threats to the industrial control system (ICS) that control physical outcomes of the dams could “adversely affect national security.”

One key finding of the Inspector General’s evaluation was that these dams are not at significant risk of threats from external hacking. The remaining threats, identified as being high-risk, are noted as coming from internal sources; in other words, the biggest cyber threats to these hydroelectric dams are their employees and former employees.

Directly at fault for these vulnerabilities are the USBR’s practices of account management and personnel security, with primary issues relating to ICS system administrator access, password security and background checks. Even when the ICS is separated from the internet at large and the organization’s business systems, these types of internal threats continue to leave the ICS at significant security risk.

System Administrator Access

One major vulnerability for the dams’ ICS systems comes from the way their administrator access is controlled and monitored. The evaluation found that most of the USBR Operations Center’s 25 employees had access to at least one other ICS account that was not defined by their position; only five of the 13 employees with system administrator access had official ICS administration-related duties.

According to principles established by the National Institute for Standards and Technology (NIST (Read more...)