On the last day of 2016, The Washington Post reported that Russian hackers used an email “phishing” scam to attack the Burlington Electric Department in Vermont. The Post later followed up to say that the utility wasn’t actually a target of the scam, but a near-hack at a municipal utility was no surprise to City of Seattle IT professionals.
“That episode might’ve been a wake-up call to people outside the utility industry, but for those of us who work in critical infrastructure, it was just another example of a growing problem,” says Seattle IT Chief Information Security Officer Jeff Brausieck. “News stories like these are a good reminder to us all to maintain awareness and be extra careful not to open unknown or unexpected documents and web links received via email.”
Seattle City Light has long been aware of the threat posed by hacking. We have several strong cyber policies in place to protect City Light information and assets, such as:
- Security measures: Firewalls, antivirus software and other security tools detect and block many types of cyber-attacks.
- Password requirements: When setting up a password on a Seattle City Light computer, our employees can’t just “set it and forget it.” We’re required, by city and federal security standards, to periodically reset our passwords and keep them strong.
- Information Security Awareness training: Our first line of defense is, of course, our City Light employees, who are trained to recognize and avoid phishy websites and emails, and to secure sensitive information in approved mechanisms like password-protected zip files.
These are just a few of the security measures Seattle City Light and the City of Seattle have in place to make sure that our, and our ratepayers’, Seattle City Light assets and information are kept out of hackers’ hands.