The U.S. electric grid "faces imminent danger" from cyber-attacks, which are growing more frequent and sophisticated, according to the Energy Department.
In the department’s landmark Quadrennial Energy Review, it warned that a widespread power outage caused by a cyber-attack could undermine "critical defense infrastructure" as well as much of the economy and place at risk the health and safety of millions of citizens.
"Cyber threats to the electricity system are increasing in sophistication, magnitude, and frequency," it said in the 494-page report. "The current cybersecurity landscape is characterized by rapidly evolving threats and vulnerabilities, juxtaposed against the slower-moving deployment of defense measures."
The department detailed 76 recommendations to boost energy, including increasing the collection of data about online breaches from utilities. Separately, it called for extending tax credits to boost construction of new nuclear reactors. Overall, the report said, total investment requirements necessary for grid modernization range from $350 billion to $500 billion.
While the report noted cyber-attacks "have had limited consequences to date," it said that a 2015 attack on the Ukrainian grid that caused widespread power outages, "should be seen as an indicator of what is possible."
Modified or new grid reliability requirements and increased data collection on cyber-attacks, were other recommendations. The report also called for a new Energy Department assessment of cybersecurity for natural gas pipelines.
The Quadrennial Energy Review is part two of a broad administration-wide review of the nation’s energy policies. The first report, released in 2015 focusing on energy infrastructure, recommended spending $15.2 billion over a decade to improve the grid, and called for $2 billion to upgrade the Strategic Petroleum Reserve.