A cyber attack on the electric power delivery system can potentially black out parts of the country for months at the cost of billions of dollars.
WASHINGTON - The electrical grid is vulnerable to terrorist attacks, including cyber strikes, that could cause far more damage than those associated with natural disasters such as Hurricane Sandy, according to a report released on Wednesday.
Without urgent attention to security, the United States risks having large parts of the country blacked out "for weeks or months" at a cost of billions of dollars, the non-partisan National Research Council said.
The group's report was completed in 2007 but was classified by its sponsor, the Department of Homeland Security, until now. The council lobbied DHS to allow for its release, and said key findings remain "highly relevant."
"Major cascading blackouts in the U.S. Southwest in 2011, and in India in 2012, underscore the need for the measures discussed in this report," the group said.
In the intervening five years, the potential for cyber attacks on critical elements of the electric power delivery system - including communications, sensors and controls or other key infrastructure - have arguable risen sharply.
"Any telecommunication link that is even partially outside the control of the system operators could be an insecure pathway into operations and a threat to the grid," the report said.
The sprawling power transmission system, spread across hundreds of miles and with many key facilities unguarded, is "inherently vulnerable," according to the council.
Deregulation in the mid-1990s, designed to increase competition in the supply of bulk power, was said to have put the network even more at risk.
"The power grid, most of which was originally designed to meet the needs of individual vertically integrated utilities, is being used to move power between regions to support the needs of competitive markets for power generation."
As a result, many parts of the bulk high-voltage system are heavily stressed and at risk for multiple failures should an attack occur.
In some instances, key equipment is "decades old" and does not have the modern technology for sensing and control that could help to limit outages, the council said.
(Reporting by Ros Krasny)