Good day. Machine-based attacks could transform the cyber battlefield for utility companies, WSJ Pro’s James Rundle reports. Firms and federal organizations must prepare critical infrastructure to defend against potentially trillions of daily attack attempts as organized groups learn to use artificial intelligence to hit electricity providers and oil and gas companies.
Question of the week for corporate security leaders: How does AI figure into your cybersecurity program? Email me your comments, which we may edit before publication, to email@example.com, and make sure to include your first and last name and location.
Also today: Bipartisan election security agency grapples with leadership gaps and budget cuts; Federal Reserve weighs increased scrutiny of tech companies focused on finance industry.
Utility companies prepare for AI-powered cyber threats. The volume and speed of cyberattacks launched against critical infrastructure could rise to dangerous levels with the advent of artificial intelligence, the head of a major U.S. power utility warns.
While the power sector already deals with millions of attacks a day, machine-based attacks could send that number soaring to trillions a day, said
president and chief executive of Atlanta-based Southern Co.
Utilities need to invest in defenses and do so quickly, said Mark James, an adjunct professor of law at Vermont Law School and a co-author of a report on state power utilities’ cybersecurity practices, published this month.
“It’s best to address concerns now, and create the systems and processes that can facilitate this investment at a speed and scope that is commensurate with the change in the threat, and the risks to maintaining a secure and resilient grid,” he said.
Read the entire article.
Cut this year to the budget of the bipartisan Election Assistance Commission, a federal agency founded to promote best practices for election administration after ballot-counting problems plagued the 2000 U.S. presidential election.
More Cyber News
Report: Election security agency grapples with staffing, budget cuts. The U.S. Election Assistance Commission, which is focused exclusively on the voting process, is struggling to help state and local officials bolster the security of their voting systems, the agency’s inspector general said in a report released this week. Two of the agency’s most senior officials—the executive director and general counsel—stepped down last month, and the agency has begun looking for their successors, the WSJ reports. In 2019, the agency sustained a cut to its budget for salaries and administrative tasks, which lowered the budget to $7.9 million from $8.6 million the year before.
Interim leader agrees: The agency’s acting executive director and chief information officer, Mona Harrington, said in a letter to the inspector general dated Monday that the agency “concurs” with the findings about its troubles. “Investment in the EAC to support effective and secure elections and the funding of programs can no longer be ignored,” Ms. Harrington wrote in the letter.
Not good: The commission had to set aside plans to hire its own cybersecurity expert because of a lack of funding, the report said.
Federal Reserve steps up scrutiny of tech firms that serve banks. The central bank is looking at whether to examine the compliance programs and governance structures at tech firms that provide data storage and services to the industry, Richard Ashton, deputy general counsel for litigation, enforcement and system matters, said Thursday at a conference in New York. Mr. Ashton didn’t provide additional details about the central bank’s examination plans, the WSJ’s Risk & Compliance Journal reports. Banks are ultimately responsible for managing the risks associated with vendor relationships, but in cases where several banks rely on the same third-party provider, regulators may have a bigger role to play, Mr. Ashton said.
Robocall scams exist because they work—one woman’s story shows how. A caller impersonating an FBI agent persuaded Nina Belis to drain close to $340,000 from her bank accounts. He made use of new technology, psychological tricks and a knowledge of the banking system, and experts say the threats are proliferating, the WSJ reports.
GDPR Decision on WhatsApp Delayed Over Company’s Concerns
Brussels Report: The Push for Digital Sovereignty and Local Champions
U.S. Investors Focus on Cybersecurity as Data Concerns Deepen
Companies Try Tailored Approach to Avoid Cyber Missteps