June 16, 2016
Connecticut Green Guide

PURA chair: Power grid must be protected from cyber attacks

Matt Pilon
Matt Pilon
PURA Chairman Arthur House addresses the crowd at a June 16 energy conference hosted by the Connecticut Business & Industry Association in Farmington.

The head of Connecticut's Public Utilities Regulatory Authority on Thursday continued to call for higher levels of preparation for a potential cybersecurity attack on the power grid, which he and a number of U.S. security officials say is an eventuality.

Arthur House, PURA's chairman, told an audience of energy industry attorneys, executives and others that Connecticut has begun to prepare for such an event, which he said could could range widely in severity.

A wide variety of industries have been hit with well-publicized cyber attacks, and House said some U.S. utilities' systems have already been infected with latent worms that could be activated.

An attack on a New England utility or its infrastructure could have the impact of something like Hurricane Sandy, House said, which knocked out power to hundreds of thousands of Connecticut ratepayers, some for more than a week.

But that might be considered a favorable outcome compared to other possibilities.

"If it were done in conjunction with a hurricane, or an ice storm, or in the winter when we needed the heat, or if it were done combined with an attack on a natural gas pipeline with electricity generation, the consequences could be more long-lasting and more profound than anything we've seen in our lifetimes" House said.

A situation like that could mean months without cell phone or Internet communications, sewage and public health problems, and potentially, the need for martial law to keep order.

House is unique in that he is one of only a handful of state-level utility commissioners in the country with a national-security clearance. Before coming to PURA in 2012, he worked in high-ranking communications positions for the National Geospatial-Intelligence Agency and the Office of the Director of National Intelligence.

He noted Connecticut has already taken some steps to beef up its cybersecurity and plan for disaster relief.

In April, PURA finalized its cybersecurity oversight plan, which will include voluntary annual meetings with electric, gas and water utilities to review their security plans. The first of those meetings will begin after Labor Day, House said.

Utilities had concerns about sharing their security plans with too many government officials, but many agreed to participate. On Thursday, House specifically praised Eversource, Avangrid, Connecticut Water Service and Aquarion Water Co. for doing so.

"Let the record show that on the critical subject of cyber security, government and business came together," he said.

But not all businesses. Though they came to the table initially, telecom companies, which PURA also regulates, eventually declined to participate in the program, urging the state to instead wait for a federal oversight program to emerge.

"They've decided to not join with us," House said Thursday. "We've left the door open and we hope…they will join with us in this endeavor."

Free E-Newsletters

Sign up now for our daily and weekly
e-newsletters! Click Here

Today's Poll Is replacing Centerplan Cos. as builder of Dunkin’ Donuts Park the right move?<>
Most Popular on Facebook
Copyright 2017 New England Business Media