Federal Report Cites 'Insider' Security Risk at Critical Western Dams

Shasta Dam is among five major U.S. Bureau of Reclamation dams that the Department of Homeland Security has designated as critical infrastructure. A Department of the Interior inspector general's report says two unnamed dams among the five could be at risk from insider attacks.  (Dan Brekke/KQED)

Two dams classified as critical to U.S. national security are at high risk for "insider threats" because of poor computer security practices, according to a new federal report.

Too many employees having access to administrator accounts and failures to routinely change passwords have left the dams vulnerable to attacks that could impair operations, an evaluation released Monday by the U.S. Department of the Interior inspector general’s office says.

The report doesn’t name the two dams, and spokeswoman Nancy DiPaolo cited national security concerns in withholding those specifics.

But the two are among five dams operated by the U.S. Bureau of Reclamation that the Department of Homeland Security has categorized as "critical infrastructure." That designation means their destruction or impairment could hurt national security. The five dams are Shasta and Folsom dams in California, Glen Canyon Dam in Arizona, Grand Coulee Dam in Washington and Hoover Dam, which straddles Nevada and Arizona.

The United States and other countries have accused Russian hackers of trying to infiltrate critical infrastructure such as power plants, elevating the sensitivity around making sure U.S. systems are secure.

Sponsored

The inspector general's report, however, found the two dams are at low risk of outside cyber infiltration but at high risk of threats from within. They're run remotely through a computer system that controls generators, valves and gates at the dams from a U.S. Bureau of Reclamation operations center.

Among the factors cited as security risks: Too many people have access to administrative accounts, employees aren't changing their passwords often enough, account access isn't always revoked when employees leave, and the agency isn't conducting robust enough background checks for employees with high-level privileges. For example, the evaluation found nine of 30 administrator accounts hadn't been used in more than a year.

The report characterized the issues as "significant control weaknesses that could be exploited by insiders."

Administrative access would give an employee the ability to compromise the system by installing malware to disrupt dam operations, installing back-door access for others, deleting or modifying crucial programs, revoking access for others and deleting or modifying control logs to "conceal malicious activity," according to the report.

The inspector general offered five recommendations, including eliminating the use of group accounts that allow multiple workers access and conducting more rigorous background checks on certain employees.

The U.S. Bureau of Reclamation disputed several of the findings. It said the number of people with privileged administrative access is necessary to provide 24/7 support to the dams and that system administrators are required to log their use of group accounts. The bureau said it follows federal guidelines for conducting background checks.

The inspector general conducted interviews with operations center and dam staff in April 2017.

Volume
KQED Live
Live Stream
LATEST NEWSCAST
KQED
NPR
Live Stream information currently unavailable.
Share
LATEST NEWSCAST
KQED
NPR
KQED Live

Live Stream

Live Stream information currently unavailable.