Contracts will support new tools to protect electrical, gas and oil infrastructures from cyber attacks.
In a move to shore up protections for national infrastructure owned by the private sector, the Department of Energy has awarded 11 contracts worth a combined $30 million to develop new tools to protect the electrical grid and gas and oil infrastructures from cyber attacks.
Despite the potential for a cyber attack against this infrastructure to wreak havoc with government, businesses and citizens, there is no legal requirement that utilities harden their computer networks against malicious hackers or malware; defensive measures are voluntary.
The importance of addressing network security issues wasn’t lost on DOE officials. Hackers broke into an Energy Department database in July, making off with personnel data on 53,000 current and former employees and contractors. The DOE cyber incident occurred as a result of a failure to patch a ColdFusion system against known vulnerabilities.
The contracts are part of broader efforts by the Obama administration to focus greater attention on defending the nation’s infrastructure networks against cybersecurity threats, a DOE spokesman told InformationWeek. President Obama issued Executive Order 13636 in February that took steps to promote and develop incentives to industry to adopt stronger cybersecurity measures.
DOE originally planned to allocate approximately $20 million to these projects, but elected to increase the funding, a department spokesman said, based on the administration’s commitment to cybersecurity and the strength of the 11 proposals.