Transmission System Perimeter Attacks

The Office of the Inspector General audited TVA’s transmission system’s Internet security. We (1) identified vulnerabilities that increase TVA’s risk of successful cyberattacks, (2) found a gap in how TVA’s cybersecurity monitoring system detects cyberattacks against the transmission system, and (3) found TVA had not configured network devices in a consistent manner. TVA management remediated or mitigated all identified vulnerabilities and agreed with our remaining findings and recommendations.