The Tennessee Valley Authority (TVA) is hiring foreign workers to take over computer jobs in the nation’s electrical grid.
“Sending crucial IT jobs to overseas firms and outside TVA … would be a dumb idea any day of the week,” Matt Biggs, a director of the International Federation of Professional and Technical Engineers, wrote in a KnoxNews.com op-ed.
“To do it now, when we are under threat of attack and millions of Americans are desperate for work, is worse than dumb. It’s irresponsible,” Biggs said.
Kevin Lynn, the founder of U.S. Tech Workers, said the White House should stop the outsourcing of computer jobs in the nation’s electrical network:
They have a nuclear power plant down there. You saw what happened with [the] Twitter [hack]. This is our infrastructure. This keeps the lights on, the heat, the air conditioning, and we’re going to put it in the hands of foreigners? Just like we did with [by relying on China for] PPE and pharamceuticals? Unbelievable.
The TVA’s networks of power stations, power lines, and dams are part of the nation’s 16 “critical infrastructure” sectors. The sectors’ ability to survive attacks are overseen by the Department of Homeland Security and other agencies. Some of the other sectors include healthcare, transportation, and finance.
President Donald Trump “is missing an opportunity to strengthen his ‘Hire American’ credentials,” said Mark Krikorian, the director of the Center for Immigration Studies. Trump issued an Executive Order on June 22 curbing the H-1B outsourcing program.
He should use his position to “shine a light on [the TVA outsourcing] and say ‘This is bad news, why is this happening? My staff has contacted the board of directors to ask why is this going on?'” Krikorian said.
The top management at the TVA is in the process of switching 200 jobs to H-1B workers to be recruited by three foreign companies: Paris-based Capgemini, Canada-based CGI, and Accenture, a former U.S. company that relocated to Ireland. Officials say the workers will not be hired for cybersecurity tasks or for operating the grid’s software controls.
The new workers are not expected to save any money, but they will help bring in commercial software, said Jim Hopson, the TVA’s public information officer. “There is not a significant cost difference once way or the other,” he told Breitbart News.
The TVA defended the outsourcing:
A great deal of misinformation is being circulated that makes this difficult situation even harder. The three companies selected to perform much of this work all have U.S.-based headquarters and workforces. Like their contracts with other federal agencies, their TVA contracts require all work to be performed in the U.S.
However, requiring “U.S.-based headquarters and workforces” does not necessarily require American workers. The term could include some of the 600,000 H-1Bs already imported to take white-collar jobs or some of the 500,000 foreign graduates who get jobs via the universities’ “Practical Training” work-permit programs.
The TVA statement downplayed the security issue. “Any individual working on sensitive software must pass the same security background checks required of any TVA employee.”
“We have federal contractual [security] standards,” said Hopson. “They are the same standards the Department of Homeland Security, the Department of Justice … and other federal agencies use to provide these types of services using the same types of contracts,” he said.
“There is no practical way to ensure that all foreign workers are who they claim to be,” said Lynn, a former counter-intelligence officer in the U.S. Army. “It is so hard to get information on people abroad … It depends on the [top-level political] relationships with that country — and it depends on that country’s [education and healthcare] infrastructure,” he said.
In contrast, U.S. security officials can readily confirm the claimed identities of Americans, by checking school transcripts, former workplaces, and birth records, Lynn added.
“We have not seen any challenges from those individuals with those kinds of contracts,” responded Hopson. “We feel those contractual obligations will be suitable and will provide the same kind of security assurances as these other agencies have.”
However, Trump’s June 22 Executive Order spotlighted the security problem created by the vast labor force of foreign visa workers in the United States.
Trump’s Executive Order told the Secretary of Homeland Security to:
Take appropriate action, consistent with applicable law, in coordination with the Secretary of State, to provide that an alien should not be eligible to apply for a visa or for admission or entry into the United States or other benefit until such alien has been registered with biographical and biometric information, including but not limited to photographs, signatures, and fingerprints.
In 2019, a report by the Government Accountability Office (GAO) highlighted the rising cybersecurity threat to critical infrastructure:
The electric grid is becoming more vulnerable to cyberattacks via (1) industrial control systems, (2) consumer Internet of Things (IoT), devices connected to the grid’s distribution network, and (3) the global positioning system (GPS).
The trustworthiness of employees is critical, the GAO report noted:
Officials and representatives of key federal and nonfederal entities that we interviewed stated that while the threat posed by insiders varies, they could cause damaging effects. For example, Sandia National Laboratories officials explained that insiders could include knowledgeable employees with privileged access to critical systems or contractors with limited system knowledge. Further, representatives from another non-federal entity explained that insider threats are a concern because of the economically valuable information they could steal.
Industrial control systems, which were once largely isolated from the internet and business IT systems, are increasingly connected in modern energy systems, allowing cyberattacks to originate in business IT systems and migrate to industrial control systems.
The GAO report asserted that industry executives are not hiring the needed number of cybersecurity experts:
The [cybersecurity] representative added that there are a large number of vacancies for cybersecurity positions and that they are difficult to fill due to the limited amount of available talent and organizational resource constraints, such as providing salaries that are competitive with other sectors. A laboratory official commented that larger grid entities are able to attract the majority of skilled cybersecurity professionals, leaving smaller entities with less skilled personnel.
Security problems are already choking the needed sharing of information about threats, even among Americans who are eligible for security clearances, the report says:
For example, a laboratory official told us that many grid owners and operators do not have security clearances. Consequently, the official explained, deeming information on certain cybersecurity threats to the grid to be “classified” leaves many utilities without the awareness to address those threats to the grid. The official added that when details are removed from classified threat intelligence in order to develop an unclassified alert, that alert often lacks the specific information utilities need to address the threat.
“When something happens, if there is an issue somewhere … then everybody will say, ‘Oh My God, we’re shocked! We had no idea,'” said Krikorian.
The June 22 Executive Order also directed border agencies to deny the entry of H-1B workers until December 31, at least.
But the legal authority in the document cannot stop companies from transferring H-1B workers from one contract to another in the United States — or from renting H-1B workers from other companies.
The June 22 Executive Order comes four years after Trump promised to end the use of H-1Bs as cheap labor: