On February 1, the House Homeland Security Subcommittee on Cybersecurity approved by voice vote an amended version of HR 3674, the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness (PRECISE) Act of 2011. In keeping with the House Cybersecurity Task Force Report released last year, the bill focuses on improving and incentivizing information sharing between the government and the critical infrastructure on cyber threats and incidents. PRECISE would establish DHS as lead federal agency for the coordination of federal and critical infrastructure cybersecurity efforts, the development of a national cybersecurity strategy, and the formulation of voluntary cybersecurity guidelines. Read more »

The Industrial Control System Cyber Emergency Response Team (ICS-CERT) has issued an alert on February 3, 2012, concerning SSH scanning activity that is targeting control systems. The agency states that this Alert is being issued  to inform critical infrastructure and key resource (CIKR) asset owners and operators of recent and ongoing activity involving secure shell(SSH), a scanning of Internet facing control systems.

As recently as this week, ICS-CERT received a report from an electric utility experiencing unsuccessful brute force activity against their networks. The full alert is available for review here.

At its Open Commission Meeting this week, the Federal Communications Commission extended its Part 4 network outage reporting requirements to apply to VoIP services. The FCC’s Report and Order defines outage reporting for interconnected VoIP service, establishes reporting criteria and thresholds and discusses how the reporting process should work, what information should be reported and confidential treatment of the outage reports. The FCC deferred action on a number of questions, including the possibility of setting thresholds for reporting outages of broadband Internet service and measurements for outages of both interconnected VoIP and broadband Internet services based on performance degradation, as opposed to complete service outage.


UTC issued a statement supporting the FCC's decision, explaining that "[a]dopting the extension of these Part 4 outage reporting requirements should promote the reliability of utility communications and the underlying essential electric, gas and water services they provide. Utilities need reliable communications to support the safe, secure and efficient delivery of essential services to the public at large."

Spectrum provisions, including those pertaining to access to the 700 MHz public safety broadband network by non-public safety entities, have been included as part of larger congressional legislation that would extend the 2% reduction in payroll taxes, extend unemployment benefits and prevent a 27% decrease in medicare reimbursements to doctors (the “doc” fix). The legislation is expected to be passed by Congress today, and would clear the way for public safety to share the 700 MHz public safety broadband network (PSBN) with utilities and other critical infrastructure industries. UTC is continuing to work with Congressional staff to enhance the abilities of utilities to participate in the creation of the PSBN and ensure that the synergies between the communications needs of public safety and utilities are most effectively leveraged in the final legislative compromise. The House and Senate are aiming to have a final conference report ready for an up-or-down vote by the end of this week. Congress is currently scheduled to begin its week-long President’s Day recess beginning this Friday, although congressional leaders have threatened to cancel that recess if a compromise is not reached by week’s end. The deadline for passage of the conference report is February 29^th when the current payroll tax reduction expires. 

UPDATE: 11:41 AM - The House has approved the payroll tax conference report, 293-132. The conference report now moved to the Senate, where it will also be voted on shortly.

12:45 PM - The Senate approved the conference report 60-36. The bill moves on for President Obama's signature.

Congressional legislation that was passed last week would permit use of 700 MHz public safety spectrum for non-public safety services and would open up the 5350-5470 MHz band and guard bands for unlicensed operations, creating opportunities for utilities and CII to access additional spectrum. In addition, it would reallocate and auction the 470-512 MHz public safety frequencies and investigate the use of the 11, 18, and 23 GHz fixed microwave bands for commercial services – raising questions about the future of these bands for private wireless generally. Read more »

UTC has issued the following statement about the Payroll Tax Report that was approved by Congress last week:

"We applaud Congress on approving this report. For years, UTC has advocated that utilities need access to sufficient spectrum to support their mission critical operations and to meet the overarching national policy objectives of energy independence and security. Congress' action today makes it possible for utilities to access the high quality spectrum that they urgently need."

For more information, please read the entire Press Release on UTC's website. Please contact UTC staff if you have any questions about the implications of this legislation for your utility. You can also read UTC's analysis of the spectrum provisions in this bill here.

Additionally, UTC experts have been quoted in the following industry media:

TR Daily Article (subscribers-only)

Urgent Communications

Representatives from the public safety community noted that they are interested in partnering with utilities on the 700 MHz Public Safety Broadband Network (PSBN). Speaking at last week's IWCE (International Wireless Communications Expo) in Las Vegas, Harlin McEwen, Chairman of the Public Safety Spectrum Trust (PSST), stated "[w]e want interoperability with [utilities]," and “[w]e also want their money to support it." He and other public safety leaders agreed that the $7 billion Congress reserved for construction of a nationwide public safety broadband network is not enough to fund the construction costs of the entire network. Due to the cost, the public safety representatives agreed that it is crucial for public safety to form partnerships with industry entities, including non-traditional first responders such as utilities, to construct, maintain and operate the network and help fund it. McEwen stated that the provisions in the bill regarding access to the network by these entities are "a little confusing," but that the bill would apparently allow agencies to lease access to the network to utilities and others on a secondary basis which could help fund construction and maintenance of the system.

Richard Mirgon, former president of the Association of Public-Safety Communications Officials (APCO) added, “It’s time to make sure we that we start looking at what’s best for America, and the utilities are part of what’s best, because nobody operates without power, water, natural gas, you name it. The utilities have a need to be a part of this, and we have to do due diligence in this process as the FirstNet governing board creates these rules on how to do secondary use.”

Threats to systems supporting critical infrastructure — including the smart grid — are constantly “evolving and growing” and as a result have been termed “government-wide high-risk areas” by the U.S. Government Accountability Office (GAO). Testifying before the House Energy and Commerce Committee’s oversight and investigations panel, Gregory Wilshusen, director of the GAO’s Information Security Issues team, shared his concerns about the security of the infrastructure. The written testimony observes that smart meters are among those devices that have not been “designed with a strong security architecture and lack important security features.” Further, he remarked that utility companies are often unaware of imminent threats or incidents on their systems because some of that intelligence is classified and cannot be shared with them.