Cybersecurity

Cyberattacks on Korea Hydro and Nuclear Power’s (KHNP’s) computer systems last December were committed by a group of North Korean hackers, an interim South Korean investigation has concluded.  The Seoul central prosecutors office said in a March 16 statement that the malicious codes used for the nuclear operator hacking were “the same in composition and […]

Here are selected thought-provoking (and even unexpected) comments made by presenters at the 10th annual MIT Energy Conference on Feb. 27 and 28 in Cambridge, Mass. Comments are summarized and paraphrased unless presented in quotes. For more on the event, see “Exelon: The Utility of the Future Views Change as Enabling, Not Disruptive” and the […]

The threats to power industry operations—and the reliable supply of power that we all depend upon for daily life—are no longer theoretical. A roughly 250% spike in reported industrial control system incidents over the past four years demonstrates that regulations alone will not protect power infrastructure. Everyone who works in this industry needs to develop […]

One of the persistent challenges for power sector cybersecurity is integrating operational and information technology teams and functions, especially when they include remote or third-party systems. A new military-grade security approach provides industrial control system security without compromising ease of daily operations. What do power generating companies have in common with The Boeing Co.? The […]

In mid-November, members of the POWER Generating Company Advisory Team responded via email to the following set of questions. Their comments have been edited for style. POWER: What changes in your fleet’s

Over the last few years, it has become increasingly clear that a massive cyber-attack on the North American electric grid represents a serious threat to U.S. national security. Over time, a string of senior

Computer systems at Korea Hydro and Nuclear Power Co. (KHNP)—the operator of South Korea’s 23 commercial nuclear reactors—were hacked and information divulged via blog posts and posts on Twitter, according to the company. The first leaks on Dec. 15 were of personal information obtained from some of the 10,799 employees of the company, but later […]

The Cybersecurity Enhancement Act of 2014 that cleared Congress last week and was presented to President Obama on Monday has the backing of automation organizations.  The bill was one of four cybersecurity measures passed—without much debate and by voice vote—by Congress before the 113th session came to a close on Tuesday, Dec. 16. Sen. John […]

Inadequate training and a culture of complacency among many owners and operators of critical infrastructure are significantly raising the risks of highly damaging cyberattack throughout the world, according to Steve Mustard, an industrial cybersecurity subject-matter expert of the International Society of Automation (ISA). The ISA reports that Mustard, who recently delivered a presentation on industrial […]

The U.S. Department of Homeland Security (DHS) has issued another alert warning of an “ongoing sophisticated malware campaign” targeting human-machine interface (HMI) software that is used for grid control and other energy systems. The alert, released on Oct. 29, warned that DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has identified a strain of […]