Archive: Cybersecurity

Three Things ICS Security Pros Can Do to Maximize Uptime

Before industrial control systems (ICSs) were network-connected, operators had little to worry about in the way of cyber threats. But as industrial environments, such as energy utilities, become more connected, they’re exposed to vulnerabilities and attacks. ICSs are used in large amounts of critical infrastructure, including the electrical grid, transportation systems, and wastewater plants. How […]

Cyber Breaches: Is Fear Misplaced?

The power sector’s terror of a debilitating cybersecurity attack is magnified seemingly every day as new vulnerabilities or destructive threat actors are identified. But according to several industrial

Three Newly Approved CIP Reliability Standards for Cybersecurity Will Be Costly

Entities with industrial control systems (ICS) associated with bulk electric system (BES) operations must develop and implement plans that include security controls for supply chain management, the Federal Energy Regulatory Commission (FERC) ordered in a final rule that formally adopts three new critical infrastructure protection (CIP) reliability standards.  FERC on October 18 issued Order No. […]

BlackEnergy, Grid-Disrupting Malware, Has a Successor, Researchers Warn

BlackEnergy, the malware used in a cyberattack that prompted a large-scale blackout in Ukraine in December 2015, has a successor—GreyEnergy. A group is using the malware to target industrial networks outside Ukraine, researchers  from Slovakian cybersecurity firm ESET warn.  The researchers said in an October 17–released white paper that analysis of the previously undocumented GreyEnergy […]

New Cyber Threat Actor Targeting Power Sector Identified

Cybersecurity experts have identified a new activity group that they say is targeting access operations at electric utilities in the U.S., Europe, Middle East, and East Asia.  Cybersecurity firm Dragos Inc. told POWER on August 1 that though it has confirmed that the group—which it dubbed “RASPITE”—is actively targeting electric utilities, “there is no current indication […]

Natural Gas: Clear Skies, Some Clouds on the Horizon

Horizontal drilling technology and fracking techniques have created a natural gas revolution in the U.S. The future looks bright for gas-fired power generation but there are three potential storm clouds that

DHS Warns that Russians Hacked Control Rooms

Department of Homeland Security (DHS) officials in a July 24 webinar said that Russian hackers infiltrated a power plant industrial control system (ICS) in an incident that could have caused a blackout last year. However, as an industrial cybersecurity expert pointed out—and a DHS spokesperson confirmed—the impact of the incident may be overstated. The expert and DHS responded to a […]

FERC Mandates Reporting of Attempted Cybersecurity Breaches

The Federal Energy Regulatory Commission (FERC) has ordered the North American Electric Reliability Corp. (NERC) to broaden, within six months, its Critical Infrastructure Protection (CIP) reliability standards to include mandatory reporting of cybersecurity incidents that could harm the bulk electric system (BES). FERC’s Order No. 848issued on July 19 directs NERC to develop and submit […]

Bill Codifying Federal Role in ICS Cybersecurity Clears House

A bill codifying the Department of Homeland Security’s (DHS’s) role in addressing industrial control systems (ICS) cybersecurity has cleared the U.S. House of Representatives. While H.R. 5733, “DHS Industrial Control Systems Capabilities Enhancement Act,” contains no mandates for the private sector, it directs the DHS’s National Cybersecurity and Communications Integration Center (NCCIC) to develop and maintain […]

Sanctions Slapped on Russian Entities for U.S. Grid Cyber Intrusions

The U.S. Department of the Treasury on June 11 slapped sanctions on five Russian firms and three Russian individuals for several “significant” malicious cyber-enabled activities, including cyber intrusions in the U.S. energy grid. The department’s Office of Foreign Assets Control said the sanctions are authorized under President Obama’s Executive Order 13694, “Blocking the Property of Certain […]