TVA Penetration Test

Due to the importance of security measures required to protect the Tennessee Valley Authority’s (TVA) information and operations from cybersecurity threats, the OIG performed a penetration test of TVA’s network, systems, and applications.  Our objective was to determine if vulnerabilities and other cybersecurity weaknesses in TVA’s network, systems, and applications were present and exploitable. Specifics are being withheld from public release due to their sensitive nature in relation to TVA’s cybersecurity. We made five recommendations to TVA management.