Internet Explorer 11 is not supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Largest U.S. Government-Owned Utility Triages a Billion or More Cyberthreats Daily

The Tennessee Valley Authority in Chattanooga is one of the country’s richest targets for cyberterrorists with seven nuclear reactors and dozens of hydroelectric dams. It also provides electricity to a nearby nuclear weapons arsenal.

(TNS) — As America's electricity grid has become more digitized with more web-based smart meters and devices, cybercriminals have targeted the energy sector as an attractive target.

The Tennessee Valley Authority — the biggest U.S. government-owned electric utility with seven nuclear reactors, 29 hydroelectric dams and service to the Oak Ride nuclear weapons arsenal — is one of the richest potential targets for cyberterrorists.

But within TVA's Chattanooga Office Complex, a small army of computer specialists work around the clock to protect the utility against cyberhacks. In TVA's cybersecurity operations center, nearly two dozen IT specialists stare at a bank of computer terminals and scan email messages, twitter feeds and network activity looking to spot any signs of cyberthreats. The 60-employee cybersecurity division monitors more than 1 billion activities a day across different digital platforms in TVA's 7-state region while also keeping in contact with government and private watchdog agencies for signs of possible cyberthreats from around the globe to the electric grid.

"Across all industries cybersecurity threats are increasing both in number and sophistication and the energy sector is one of the most sought after sectors for cyberattackers," said Andrea Brackett, a 26-year TVA employee who serves as director of TVA cybersecurity in Chattanooga. "We invest millions of dollars each year into our cybersecurity program and we make sure that we educate all TVA workers that part of their role is taking cybersecurity seriously and to be one of our layers of defense."

Two years ago, TVA opened its cybersecurity facility in its downtown office complex where workers view both their own computer screens and giant wall displays of twitter feeds, threat warnings and other potential cybercriminal activity across the 80,000 square miles in the Tennessee Valley. Workers constantly look for and correct potential problems from hackers or those phishing for access to information or to potentially damage the power system.

"Our threat intelligence unit here is constantly maintaining an awareness of what the cyberlandscape looks like, analyzing what attacks are happening not only across the electric sector but also industries as well," Chad Tyler, a senior information security specialist for TVA, said Wednesday during a tour of TVA's cybersecurity facilities as part of the agency's recognition of National Cybersecurity Awareness month. "We also have a sensor operations group, incident responders and a risk team to help us detect and assess the potential cyberthreats to our network."

As a government-owned utility, TVA is subject to more regulation and review than most investor-owned utilities, in part, because government identities are regarded as more of a potential target for state-sponsored terrorists wishing to attack the United States.

Like all wholesale electricity suppliers, TVA must comply with the safety and security standards of the North American Electric Reliability Corporation, the industry group that sets standards for transmission and power reliability.

But as a federal agency, TVA also must comply with the federal Information Security Modernization Act of 2014 and follow the executive branch orders for government agencies through the U.S. Department of Homeland Security, which rates each government agency every year.

"We're improving and working all the time to get better," Brackett said.

TVA also works with other utilities to meet standards and evaluate new programs by the Department of Energy for cybersecurity. Last year, the U.S. Department of Energy created the Office of Cybersecurity, Energy Security and Emergency Response with a $28 million annual budget to research technologies that help prevent, detect and mitigate cyberattacks, with an emphasis on communication and cloud-based operations.

The World Energy Council reports that there has been a "massive" increase in the number of successful cyberattacks in recent years. In response, President Trump in 2017 issued an executive order demanding stronger cybersecurity of critical infrastructure. The Department of Energy has released a five-year strategy to combat the risk of power disruptions caused by cyberattacks, focusing on threat-sharing, supply chain risks, and research and development of more resilient energy systems.

TVA's own internal watchdog, the Office of Inspector General, also evaluates TVA cybersecurity activities. An audit of TVA web sites and email earlier this year found that among 116 TVA registered internet domains tested for email security requirements, 115 did not meet Department of Homeland Security standards for cybersecurity. Brackett said the problems identified by the inspector general have since been corrected.

By 2023, TVA plans to relocate the power operations center now located in the basement of its downtown power headquarters in Chattanooga to a new $300 million facility being built in southern Meigs County as part of one of the biggest upgrades of TVA's power grid in the utility's 86-year history. The more rural location is designed to be more secure for the power control center, but Brackett said the cybersecurity operations will stay downtown.

"The new center will provide us additional opportunities to evaluate what kind of technologies we can use to protect the grid," she said.

The new secured power center planned near Georgetown is being built to help accommodate a new energy management system that will be supported by another $300 million expansion of the fiber optic lines TVA also is building along about 3,500 miles of its 16,000 miles of transmission lines.

©2019 the Chattanooga Times/Free Press (Chattanooga, Tenn.). Distributed by Tribune Content Agency, LLC.

Special Projects
Sponsored Stories
Sponsored
In this episode, Marianne Steger explains why health care for Pre-Medicare retirees and active employees just got easier.
Sponsored
Government organizations around the world are experiencing the consequences of plagiarism firsthand. A simple mistake can lead to loss of reputation, loss of trust and even lawsuits. It’s important to avoid plagiarism at all costs, and government organizations are held to a particularly high standard. Fortunately, technological solutions such as iThenticate allow government organizations to avoid instances of text plagiarism in an efficient manner.
Sponsored
Creating meaningful citizen experiences in a post-COVID world requires embracing digital initiatives like secure and ethical data sharing, artificial intelligence and more.
Sponsored
GHD identified four themes critical for municipalities to address to reach net-zero by 2050. Will you be ready?
Sponsored
As more state and local jurisdictions have placed a priority on creating sustainable and resilient communities, many have set strong targets to reduce the energy use and greenhouse gases (GHGs) associated with commercial and residential buildings.
Sponsored
As more people get vaccinated and states begin to roll back some of the restrictions put in place due to the COVID-19 pandemic — schools, agencies and workplaces are working on a plan on how to safely return to normal.
Sponsored
The solutions will be a permanent part of government even after the pandemic is over.
Sponsored
See simple ways agencies can improve the citizen engagement experience and make online work environments safer without busting the budget.
Sponsored
Whether your agency is already a well-oiled DevOps machine, or whether you’re just in the beginning stages of adopting a new software development methodology, one thing is certain: The security of your product is a top-of-mind concern.