While Smart Grid brings electricity distribution and transmission into modern digital age, its security is becoming a big concern. Cyber security experts have warned that hackers can break into the system and create a massive blackout across the country.

A recent report by the Department of Energy “DoE” warns that digital networks controlling the smart electric grid are besieged with security gaps. And these loopholes make it easy for trespassers to create problems in the system.

As reported in Wall Street Journal on Tuesday, many of the security vulnerabilities are strikingly basic and fixable problems, including a failure to install software security patches or poor password management. A recent study conducted by Idaho National Lab, a DoE facility, indicates that many of the fixes would be inexpensive.

According to the WSJ article, written by Siobhan Gorman, the DoE report reinforces concerns that intelligence officials have raised in recent years about growing surveillance of the electric grid by Chinese and Russian cyber-spies. The WSJ warned about these threats in an article last year. Hence, the worry is that a foreign country could shut down power in parts of the U.S., Gorman said in his article.

This report comes on the heels of a recent warning by the German firm SiemensSiemens said it has concocted a program it is making available for detecting and disinfecting malware and viruses attacking its complex power-grid management software. AG. Siemens (News - Alert) detected an attack targeting critical infrastructure, a collective term for systems such as electric grids, subways and air-traffic control. On July 23rd in a release,

The German engineering firm warned that customers who use the infected software could have the devastating effect of disrupting whole power grids in the U.S., Canada, South America, Europe and Asia.

The DoE report is based on the findings of 24 assessments of computer-control systems performed between 2003 and 2009. The security gaps highlighted include "well-known unsecure coding practices" for software used by these control networks; and permitting an "excessive" number of portals access into the networks.

Poor code quality also leads to vulnerabilities and bugs in the code that not only make it vulnerable to attack, but also fragile and unstable, according to the report.

Other problems identified include ineffective passwords, lack of sufficient encryption for communications lines used by these computer networks, and data bases that archive information about the systems.

Market research firm Pike Research (News - Alert) predicts that utilities will spend $21 billion on Smart Grid cyber security between 2010 and 2015.