Cybersecurity

The U.S. Department of Homeland Security (DHS) has issued another alert warning of an “ongoing sophisticated malware campaign” targeting human-machine interface (HMI) software that is used for grid control and other energy systems. The alert, released on Oct. 29, warned that DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has identified a strain of […]

The U.S. power sector has seen a number of developments on the regulatory front in recent months. Here’s where major federal rules stand today. (For a more dynamic and graphic version of this article, see http://powermag.com/long-form-stories/bw-power/ .) GHG Rules New Power Plants. The Environmental Protection Agency (EPA) in September 2013 revised a 2012 proposal to […]

Cybersecurity threats facing the power industry have escalated dramatically in the past few years, as state-sponsored, organized crime, and hacktivist groups all seek to infiltrate U.S. energy infrastructure for cyber-espionage and sabotage purposes. A recent example of the severity of this threat can be seen in operation “Energetic Bear”—a Russian campaign to infect U.S. and […]

U.S. Nuclear Regulatory Commission (NRC) employees fell victim to email “phishing” attempts three times in the past few years, allowing intruders into the agency’s email system, according to an internal report by the Office of Inspector General obtained by news site Nextgov.com. The internal NRC investigation revealed that twelve employees clicked on a link in […]

The attack began at 12:58 a.m. on April 16, 2013. Between then and 1:07 a.m., attackers cut telephone and telecommunications cables to Pacific Gas & Electric’s (PG&E’s) Metcalf substation near San

A standard to enhance physical security at critical power system facilities submitted by the North American Electric Reliability Corp. (NERC) will need modifications before it can be approved, the Federal Energy Regulatory Commission (FERC) said last week.  FERC ordered NERC on March 7 to develop and submitnew reliability standards requiring owners and operators of the […]

Speaking at the Energy Innovation Symposium in Washington D.C. on July 23, Southern Co. CEO Tom Fanning said that he would love “to announce another nuclear plant” later this year. But Fanning made it clear during his keynote address to attendees at the Bipartisan Policy Center’s American Energy Innovation Council–sponsored event that he favors an […]

Optimism about U.S. energy security, which is rooted in the abundant supply of fossil fuels alone, is misplaced, Maria van der Hoeven, head of the International Energy Agency (IEA) told attendees at an energy conference in Washington, D.C., on Monday.  The U.S. has seen a dramatic reversal in its energy fortunes over the past seven […]

A report released July 10 finds alarming gaps in the security of the world’s critical infrastructure. The study—sponsored by Unisys and conducted by Michigan-based security research firm Ponemon Institute—was based on an Internet survey of 599 respondents from 13 countries in the oil and gas, utilities, alternative energy, and manufacturing industries conducted in April and […]

A group of hackers apparently based in Moscow has been conducting an “ongoing cyberespionage campaign” against energy sector companies in the U.S. and Western Europe, according to a report released June 30 by computer security firm Symantec. The targets included “energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment […]

At the Edison Electric Institute (EEI) annual meeting this week in Las Vegas, the tone was one of collaboration with partners from Washington to distributed generation companies. Those partnerships will be needed as the investor-owned utility (IOU) industry fights not so much a war on coal as a war for mindshare and wallet share in […]

Anyone who follows either the energy industry or the military knows that all branches of the U.S. military have aggressive goals for renewable energy and for improving energy security and independence. Microgrids are a key part of that plan. When I wrote about military microgrids in “The Military Gets Smart Grid” back in January 2012, […]

Aside from places where microgrids have a track record—educational, industrial, and commercial campuses—commercial and community microgrids are still the domain of early adopters, but the number of people wanting to travel the trail they are blazing is increasing. A microgrid is any collection of interconnected loads and distributed energy resources within clearly defined electrical boundaries […]

If you’re looking for the easiest place to deploy microgrid technology, look at islands. That was the general consensus of presenters at the 4th Military & Commercial Microgrids Summit in Washington, D.C., held June 17-19. In addition to a presentation about a microgrid being developed for Necker Island—owned by Sir Richard Branson, founder of the […]

A make-shift explosive device found last week at a power plant south of Tucson, Ariz., caused a small, temporary fuel leak in a 50,000-gallon distillate oil tank—not a large explosion as previously reported in initial accounts.  However, the incident has triggered investigations by the FBI, the U.S. Bureau of Alcohol, Tobacco, Firearms, and Explosives, and […]

The North American Electric Reliability Corp. Critical Infrastructure Protection (NERC CIP) standards Version 5 represents the first major change in requirements and approach since its predecessor, Urgent

Generators of electric power face a big effort to comply with the upcoming North American Electric Reliability Corp. Critical Infrastructure Protection (NERC CIP) Version 5 (V5) cybersecurity standards

On August 14, 2003, large parts of the Northeast and Midwest of the U.S. and the Canadian province of Ontario experienced one of the largest blackouts in history: 61,000 MW of electric load were lost

Forty years ago, musical genius Paul Simon outlined “50 Ways to Leave Your Lover.” In New Orleans in early April at the ELECTRIC POWER Conference, Mike Firstenberg of Waterfall Security Solutions laid out

Despite relatively low interest in cybersecurity issues among power industry professionals, the threat of cyber attacks on generation systems is real, as the latest report by a U.S. Department of Homeland Security (DHS) group reveals. The January–April report from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) notes that the DHS group recently received […]

For the first time ever, the U.S. has filed criminal charges against known state actors for hacking U.S. interests. A grand jury in the Western District of Pennsylvania indicted five Chinese military hackers for computer hacking, economic espionage, and other offenses directed at six American victims in the U.S. nuclear power, metals, and solar products […]

Ten witnesses from federal and state regulatory agencies, a public power entity, environmental groups, and power companies today outlined a number of threats to the bulk power system’s reliability in a Senate hearing to assess whether enough was being done to keep the lights on. General measures to address day-to-day issues affecting reliability—such as tree […]

The energy industry, already familiar with the latest iteration of the North American Electric Reliability Corp. (NERC) Critical Infrastructure Protection (CIP) reliability standards, should take note: Meeting

Nuclear utilities are facing stringent cybersecurity requirements for plant digital assets that fulfill safety-related, important-to-safety, security, and emergency preparedness functions or that are

Lawmakers in the House and Senate on Wednesday introduced identical bills that would give the Federal Energy Regulatory Commission (FERC) the authority to issue emergency orders to protect the grid from physical, cyber, electromagnetic pulse and other threats and vulnerabilities. The Grid Reliability and Infrastructure Defense (GRID) Act was introduced separately by Rep. Henry A. […]

Of 257 cyber incidents reported by asset owners or trusted partners to the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in 2013, an overwhelming 56% occurred in the energy sector, exceeding all incidents reported in other sectors combined.  Notably, ICS-CERT last year responded to a “major cyber intrusion campaign” from […]

The Federal Energy Regulatory Commission (FERC) on Friday directed the North American Electric Reliability Corporation (NERC) to develop reliability standards requiring owners and operators of the bulk power system to address risks due to physical security threats and vulnerabilities.  The standards will require owners and operators of the bulk power system to take at least […]

At a keynote address at CERAweek 2014 in Houston, Energy Secretary Ernest Moniz reiterated the Obama administration’s support for all U.S. fuel sources while pursuing a low-carbon future but rarely mentioned nuclear power. Prompted by POWERnews, Moniz later outlined the administration’s actions to address spent nuclear waste.  Following the D.C. Circuit’s ruling in November 2013 […]

The National Institute of Standards and Technology (NIST) today released its final version of a national framework for improving critical infrastructure cybersecurity. The “living” document will be updated as industry reports back on its implementation. The “Framework for Improving Critical Infrastructure Cybersecurity” is essentially composed of a core, tiers, and profiles. The core presents five […]

What’s the utility of the future going to look like within two or three decades? That was a question put to former Duke Energy CEO Jim Rogers, Great Plains CEO Mike Chesser, and former chairman of the Colorado Public Utilities Commission Ron Binz by the head of the Brookings Institute’s Energy Security Initiative (ESI) last […]