Cybersecurity

Digitization in the power generation sector continues to expand. Its goal in simple terms—providing easy access to data for power plant operators and engineers, enabling the use of advanced analytics to improve equipment performance and efficiency—has resulted in reduced operating costs for utilities, and also has enhanced plant safety. POWER’s upcoming Connected Plant Conference, set […]

A primitive but unique ransomware variant that emerged in mid-December can forcibly stop a number of processes, including multiple items related to industrial control system (ICS) operations, industrial cybersecurity firm Dragos warned in a detailed report on Feb. 3. The ransomware known as “EKANS” (or “Snake,” which is “EKANS” spelled backwards) is “relatively straightforward” as […]

Experion® PKS IT Highly Integrated Virtual Environment (HIVE) centralizes up to 80% of IT infrastructure, reducing costs and freeing engineering talent to focus on higher-value activities HOUSTON, Feb. 4, 2020 — Honeywell today announced the release of Experion® PKS IT Highly Integrated Virtual Environment (HIVE), a transformative new technology that centralizes up to 80% of IT […]

The Federal Energy Regulatory Commission (FERC) on Jan. 23 approved two new reliability standards related to transmission system planning performance and cybersecurity. However, it also proposed to retire 74 reliability standard requirements, which it deemed duplicative or unnecessarily burdensome. Among the spate of actions it took on Thursday, FERC also green-lighted retaining the North American […]

Power companies are turning to external suppliers and contractors now more than ever. Utilities are getting help with tasks ranging from the relatively simple, such as vegetation management and the handling of customer calls, to the complex, including turbine repair and large infrastructure projects. Although the benefits of utilizing contractors are often obvious, the dangers, […]

The term “digital twin” is used frequently by tech-savvy power industry professionals, but what does it really mean? To get an insider’s perspective, POWER posed the question to Akshay Patwal, strategic business manager with Siemens Energy. Patwal leads the development and commercialization of digital business transformation projects, using big data platforms and analytics, to create […]

JOHNSTON, R.I., USA—As part of its continuing commitment to cyber risk assessment, prevention and control, FM Global, one of the world’s largest commercial property insurers, has become one of the first insurance carriers to offer industrial control systems (ICS) evaluations at client locations as part of its routine engineering site visits. The ICS evaluation will […]

Acquisition will enhance Rockwell Automation’s ability to deliver IT/OT cybersecurity services globally January 08, 2020 07:00 AM Eastern Standard Time MILWAUKEE–(BUSINESS WIRE)–Rockwell Automation, Inc. (NYSE: ROK) today announced that it has signed an agreement to acquire privately held Avnet Data Security, LTD, an Israeli-based cybersecurity provider with over 20 years of experience providing cybersecurity services. […]

In this insightful webinar, Jonathan Tubb, cyber security expert at Siemens Energy, Inc., will discuss strategies power plants can employ to mitigate security risks, assess readiness to meet future attacks and maximize security efforts.  He will share insight about how he helps customers confront growing cyber threats with extensive protection, detection and monitoring solutions.

To increase operational efficiency, utilities are migrating more to smart grids which integrates traditional grid infrastructure with sensor and communication technologies to collect and process large amounts of data. With a large complex network composed of millions of devices and remote entities connected with each other, such a massive network comes with many security concerns and potential vulnerabilities.

This webinar provides key insights into the building blocks in security solutions for the smart grid network to mitigate risk for the modern utility infrastructure.

Reliability and resiliency are buzzwords in today’s world of power generation. The focus is often on valuing those attributes, be it through subsidizing baseload power to make it more economically viable, or through other means. Reliable delivery of electricity, of course, also depends on cyber-resilient systems, at power plants and across the grid. Cyberattacks against […]

The term “Big Data” is used frequently by tech-savvy power industry professionals, but what does it really mean. To get an insider’s perspective, POWER posed the question to Akshay Patwal, strategic business manager with Siemens Energy. Patwal leads the development and commercialization of digital business transformation projects, using big data platforms and analytics to create […]

Framingham, MA — Positive Technologies experts have discovered a total of 17 vulnerabilities in the SPPA-T3000. Vladimir Nazarov, Head of ICS Security at Positive Technologies, said: “By exploiting some of these vulnerabilities, an attacker could run arbitrary code on an application server, which is one of the key components of the SPPA-T3000 distributed control system. […]

A nationwide survey of state utility commissions suggests regulators are increasingly grappling with issues that could “profoundly” alter energy delivery and utility business models. However, over the next decade, they expect central station generation will continue to dominate state portfolios, and utility-scale solar growth will surpass customer-owned photovoltaic (PV).  The survey to take the “regulatory […]

Many networks across a variety of verticals including government, military, financial services, power plants, and industrial manufacturing have been so-called “air-gapped.” This means they are physically and logically isolated from other networks where communication between these networks is not physically or logically possible. This can be a good thing or bad thing depending on your […]

Market forces are playing as much if not more of a role than regulatory policy in the transition from fossil-fueled power generation to renewables, as utilities in the U.S. and worldwide establish decarbonization goals. That was the message from Bill Ritter Jr., former governor of Colorado, during his keynote address at POWER’s Distributed Energy Conference […]

Malware detected at the Kundankulam nuclear power plant in India’s state of Tamil Nadu has not affected plant systems, an investigation by Nuclear Power Corp. of India (NPCIL), the nation’s nuclear plant operator, confirms.  The entity said in a press release on Oct. 30 that it discovered the malware on Sept. 4 on the personal […]

What does it mean to have “extreme visibility” in an operational technology (OT) environment? According to Claroty, a New York-based company that offers cybersecurity products for industrial control systems, it’s having the ability to see all assets on a network, knowing what they are, and understanding what functions they perform. The company says the more […]

Delivering energy has centered on the fundamental tenant of being reliably available. As energy providers strive to maintain that availability, they all too often push security to the backburner. Many unsafe practices have fallen into place for the sake of speed and efficiency, including the use of default and shared passwords, open access, and little […]

The names of bulk power system entities that violate federal critical infrastructure cybersecurity reliability standards—along with identification of standards violated and penalties assessed—may soon be routinely disclosed under changes proposed by the Federal Energy Regulatory Commission (FERC) and the North American Reliability Corp. (NERC).  The proposed changes, which FERC and NERC outlined in an Aug. […]

XENOTIME, a cyberthreat activity group thought responsible for TRISIS/TRITON malware attacks on safety instrumented systems (SIS) at an oil and gas Middle Eastern facility in 2017, has been probing power company networks in the U.S. and elsewhere, new intelligence from industrial control systems (ICS) security firm Dragos shows.  “In February 2019, Dragos identified a change in […]

The Department of Energy (DOE) in March 2018 released a 52-page report outlining its multi-year strategy to improve cybersecurity. In the report’s introduction, Assistant Secretary Bruce J. Walker noted that

Depending on the hazard field, electromagnetic pulses (EMPs) resulting from detonation of a nuclear weapon at high altitude or in space could cause significant damage to electronics on the bulk power system and even prompt a regional voltage collapse, the Electric Power Research Institute (EPRI) says in much-anticipated findings from its three-year study on high-altitude […]

The malicious threat landscape for industrial control systems (ICSs) is constantly evolving and getting more sophisticated, thereby raising the need to have visibility, implement protective controls, and perform continuous monitoring. As a result, it is important to take a look at the attack vectors of some malware/malicious events—such as Triton—that have occurred over the last […]

The smart grid offers great promise to transform the electric system, enabling two-way communication between providers and consumers over the network, and allowing new services that can save electricity and

Cybersecurity firm FireEye has uncovered and is responding to a new intrusion at an unnamed critical infrastructure facility that it suggests in an April 10 blog post was perpetrated by the group behind the TRITON attack, which prompted a process shutdown at a Middle Eastern facility in 2017. But while details of the new attack are sparse, […]

Cyber-attacks on industrial control systems (ICSs) are no longer a hypothetical. As pieced together by the Wall Street Journal, in 2017, Russian hackers attacked a small construction company, exploiting the organization’s connections with utilities and government agencies. Through an integrator, the hackers accessed computer-network credentials, giving them the ability to get into computer systems that […]

The world’s first autonomous combined cycle power plant is currently under construction at the Takasago Machinery Works facility in Japan, and it will be operational by 2020, according to Mitsubishi Hitachi

When conversations around the power industry turn to computer hacking, more often than not experts say it’s not a question of if, but rather, how systems have been compromised. William Doering, adjunct professor in the online Master’s in Business Administration program at Maryville University and a director with Guidehouse—a management consulting services provider—said he has participated […]