Human error and equipment deficiencies were behind the outage that affected millions in the Northeast, according to the U.S.-Canada Power System Outage Task Force.
The task force's Security Working Group found no evidence that a cyber attack directly or indirectly caused the blackout, the report states. The report confirms the task force's initial findings released late last year.
While some speculated last year that the Blaster worm may have contributed to the blackout, the group found no "evidence that worms or viruses circulating on the internet at the time of the power outage had an effect on power generation and delivery systems of the companies directly involved in the power outage."
The task force's cyber-security recommendations include: Develop corporate-level IT security governance and strategies; improve IT forensic and diagnostic capabilities; establish clear authority for physical and cyber security; and develop procedures to mitigate in appropriate disclosure of information.
The full report is available at www.ferc.gov.
