Recent cyberattacks reveal US utilities’ extreme vulnerability

Highly inadequate digital security poses a national threat as hackers shift focus to utilities’ networks.

When the Los Angeles Department of Water and Power was hacked in 2018, it took a mere six hours. Early this year, an intruder lurked in hundreds of computers related to water systems across the U.S. In Portland, Oregon, burglars installed malicious computers onto a grid providing power to a chunk of the Northwest. Two of those cases — L.A. and Portland — were tests. The water threat was real, discovered by cybersecurity firm Dragos. All three drive home a point long known but, until recently, little appreciated: the digital security of U.S. computer networks controlling the machines that produce and distribute water and power is woefully inadequate, a low priority for operators and regulators, posing a terrifying national threat.