While U.S. water utilities have been identified as vulnerable to cyber attacks, the dams that generate hydropower within the U.S. are also vulnerable to such attacks. Some of that vulnerability is because most dams have never undergone a federal cybersecurity audit, and the software used at dams is widely used by government and industry, thereby undermining U.S. cyber defenses, says a U.S. senator who led a hearing on the issue.
Every critical infrastructure sector faces cyber threats, including the dams that generate hydropower, according to Senate Subcommittee on Water and Power Chairman Ron Wyden (D-Ore.). The threats of cyber attack are from “countries like China and Russia” as those countries “have the ability to shut down core functions of society, and even cause death by hacking critical infrastructure,” Wyden said at the subcommittee hearing held on April 10, 2024, that examined the “Federal and Non-Federal Role of Assessing Cyber Threats to, and Vulnerabilities of Critical Infrastructure in our Energy Sector.”