Duke Energy, the biggest US electric company, battling steady cyberattacks
DURHAM — The country’s largest electricity company is on alert for cyberattacks that aim to hamper the critical flow of power and is listening to U.S. intelligence agencies about potential threats, the Duke Energy Corp. executive heading electronic protection efforts said.
Duke Energy manages dams, nuclear power plants and other types of electricity-generating plants — three of the 16 types of infrastructure critical to American life that the U.S. is focused on protecting from criminal hackers and hostile governments. As the power supplier to more than 7 million customers in six Southeast and Midwest states, the utility’s computer systems are under constant attack, Duke Energy Executive Vice President A.R. Mullinax said.
Mullinax said he carries a U.S. government “secret” clearance that allows him to be briefed by the FBI and other security agencies about threats to the power grid that runs everything from corporate data networks to household refrigerators.
While power companies share information among themselves, the company’s Charlotte hometown also is one of dozens of cities with a chapter of InfraGard, a business partnership with the FBI to share information and prevent hostile acts.
“FBI is actually a great resource,” Mullinax said in an interview last week on the sidelines of a cybersecurity conference that included members of the FBI, Secret Service and Department of Homeland Security offering tips to business leaders. “They don’t necessarily share classified information with us, but they can say we’re seeing things that would cause you to take this action.”
About a dozen times in the last decade, sophisticated foreign hackers have gained enough remote access to control the operations networks that keep the lights on, top experts who spoke only on condition of anonymity due to the sensitive nature of the subject matter told The Associated Press. It’s believed businesses are hacked much more frequently than is reported, and the secret is kept successfully.
