Federal Watchdog Criticizes Bonneville Power Administration’s Cyber Security

Mar 30, 2012

The region’s main electricity wholesaler, the Bonneville Power Administration, has major shortcomings with regards to its cyber security and computer systems. That’s according to a report released Thursday by the Department of Energy’s investigative arm. The BPA is taking issue with the seriousness of the findings.

The federal auditor is concerned BPA is not well-enough equipped to handle a cyber attack. And the years-long review also dinged BPA for security gaps. That could jeopardize the regional electricity grid and in the worst case black out customers.

For example, BPA was found to have weak passwords giving some workers unneeded access to sensitive information.

BPA’s spokesman Doug Johnson responds, “We do want our ratepayers and the citizens of the Northwest to know that we are carefully watching our IT systems, doing everything we can to protect our critical business systems.”

Johnson says Bonneville will come up with a plan within six months to answer the Inspector General’s concerns. The federal report says some of its findings at BPA were similar to a previous audit done in 2008.

The Bonneville Power Administration manages several federal hydroelectric dams in Idaho including Diversion Dam and Anderson Ranch Dam above Boise.