U.S. Dams Face Growing Cyber Threats

Could a hacker seize control of America’s dams, unleashing floods and chaos across vulnerable communities? Cybersecurity analysts and leading lawmakers warn it’s possible.

See Also: Transforming the vision for Public Sectors in Australia New Zealand

During an April hearing on cybersecurity threats to critical water infrastructure, Sen. Ron Wyden, D-Ore., used stunningly apocalyptic framing to raise his concerns.

“As the chairman of the subcommittee responsible for dams, I don’t want to wake up to a news report about a small town in the Pacific Northwest getting wiped out because of a cyberattack against a private dam upriver,” the senator said.

Influential voices in the cybersecurity field typically avoid alarmist scenarios, favoring practical, actionable responses to threats. But with the majority of dams under Federal Energy Regulatory Commission oversight not having undergone comprehensive cyber audits, and only four full-time employees tasked with overseeing 2,500 dams nationwide, experts agree with Wyden about the vulnerability of the sector to cyberattacks that could result in loss of human lives.

“Human life and safety are in play here,” Padriac O’Reilly, a water cyber risk advisor for the Defense Department and chief innovation officer of the cyber risk firm, CyberSaint, told Information Security Media Group. “Operational technology, population centers near dams, critical power generation capacity – all of these coupled with a lack of knowledge with respect to the maturity of cyber risk management adds up to a very concerning…