Two dams classified as critical to U.S. national security are at high risk for "insider threats" because of poor computer security practices, according to a new federal report.
Too many employees having access to administrator accounts and failures to routinely change passwords have left the dams vulnerable to attacks that could impair operations, an evaluation released Monday by the U.S. Department of the Interior inspector general’s office says.
The report doesn’t name the two dams, and spokeswoman Nancy DiPaolo cited national security concerns in withholding those specifics.
But the two are among five dams operated by the U.S. Bureau of Reclamation that the Department of Homeland Security has categorized as "critical infrastructure." That designation means their destruction or impairment could hurt national security. The five dams are Shasta and Folsom dams in California, Glen Canyon Dam in Arizona, Grand Coulee Dam in Washington and Hoover Dam, which straddles Nevada and Arizona.
The United States and other countries have accused Russian hackers of trying to infiltrate critical infrastructure such as power plants, elevating the sensitivity around making sure U.S. systems are secure.