cybersecurity

Horizontal drilling technology and fracking techniques have created a natural gas revolution in the U.S. The future looks bright for gas-fired power generation but there are three potential storm clouds that

Department of Homeland Security (DHS) officials in a July 24 webinar said that Russian hackers infiltrated a power plant industrial control system (ICS) in an incident that could have caused a blackout last year. However, as an industrial cybersecurity expert pointed out—and a DHS spokesperson confirmed—the impact of the incident may be overstated. The expert and DHS responded to a […]

The Federal Energy Regulatory Commission (FERC) has ordered the North American Electric Reliability Corp. (NERC) to broaden, within six months, its Critical Infrastructure Protection (CIP) reliability standards to include mandatory reporting of cybersecurity incidents that could harm the bulk electric system (BES). FERC’s Order No. 848issued on July 19 directs NERC to develop and submit […]

A bill codifying the Department of Homeland Security’s (DHS’s) role in addressing industrial control systems (ICS) cybersecurity has cleared the U.S. House of Representatives. While H.R. 5733, “DHS Industrial Control Systems Capabilities Enhancement Act,” contains no mandates for the private sector, it directs the DHS’s National Cybersecurity and Communications Integration Center (NCCIC) to develop and maintain […]

The U.S. Department of the Treasury on June 11 slapped sanctions on five Russian firms and three Russian individuals for several “significant” malicious cyber-enabled activities, including cyber intrusions in the U.S. energy grid. The department’s Office of Foreign Assets Control said the sanctions are authorized under President Obama’s Executive Order 13694, “Blocking the Property of Certain […]

On May 14, 2018, the Department of Energy (DOE) Office of Electricity Delivery & Energy Reliability released its Multiyear Plan for Energy Sector Cybersecurity (“Plan”). The Plan is significantly guided by DOE’s 2006 Roadmap to Secure Control Systems in the Energy Sector and 2011 Roadmap to Achieve Energy Delivery Systems Cybersecurity. Taken together with DOE’s […]

A relatively new cyberattack threat activity group dubbed “XENOTIME” is intent on compromising and disrupting industry safety instrumented systems globally, and cybersecurity experts are warning it is “easily the most dangerous threat activity publicly known.” According to  global industrial control system (ICS) cybersecurity firm Dragos Inc., XENOTIME is behind TRISIS (also known as TRITON), the […]

Cybersecurity threats are outpacing the energy sector’s “best defenses,” and costs of preventing and responding to cyber incidents are straining company efforts to protect critical infrastructure, the Department of Energy (DOE) warned as it released a comprehensive five-year cybersecurity strategy for the industry. The Multiyear Plan for Energy Sector Cybersecurity, dated March 2018 but which […]

The U.S. Department of Energy (DOE) over the past two weeks has made a string of funding announcements, including nearly a half-billion dollars of new investment in power-related initiatives. The funding backs advancements in cybersecurity, advanced nuclear, solar, bioenergy, fuel cells, geothermal, and energy storage. $25 Million for Cybersecurity.On April 16, the DOE’s Office of […]

Malware-based attacks against utilities and power plants are increasing six-fold according to a recent federal report. Power plants have become an appealing target because of a lack of detection and monitoring