cybersecurity

An estimated 90% of software products used to manage the U.S. power grid contains code “contributions” from Russian or Chinese developers. The finding from cyber risk management solution firm Fortress Information Security highlights new supply chain gaps and points to a dire need for more robust strategies to safeguard against insidious threats that lurk in […]

People know a storm can disrupt the electrical grid and cause a wave of complications across the region or country very quickly. But now, for those charged with grid reliability and keeping the lights on

Soon after Russia invaded Ukraine in February 2022, Russian government-affiliated hackers orchestrated cyberattacks that targeted Ukraine’s electrical grid and energy infrastructure.  In early March of last year, one cyberattack successfully disabled a high-voltage transmission station near Kyiv, resulting in a power outage in the capital. Later that month, another cyberattack targeted three regional electric power […]

There is growing demand for cybersecurity professionals all around the world. According to the “2023 Official Cybersecurity Jobs Report,” sponsored by eSentire and released by Cybersecurity Ventures, there will be 3.5 million unfilled jobs in the cybersecurity industry through 2025. Furthermore, having these positions open can be costly. The researchers said damages resulting from cybercrime […]

The riskiest position for a company to take when it comes to its cyber governance, risk, and compliance (GRC) practices is the attitude that “it could never happen to us.” The truth is, risk is everywhere

Energy data has a key role in securing and protecting our energy future. As the global shift to decentralized energy networks keeps growing, together with the rising adoption rates of electric vehicles (EVs), cyber adversaries are finding an expanding array of opportunities to attack and exploit the dynamic energy sector. By leveraging smart-grid energy telemetry […]

A New York Times Magazine expose detailed the complicated and shockingly brazen inner workings of international espionage. However, the spies profiled weren’t targeting government secrets. They were interested in corporate intellectual property, or IP, an equally valuable commodity in today’s highly competitive global economy. Specifically, the publication reported systemic efforts to entice employees at critical […]

The energy sector recorded three times as many operational technology (OT) and/or industrial control system (ICS) cybersecurity incidents as the next closest vertical, according to a study conducted by the Cyentia Institute, a research and data science firm, and sponsored by Rockwell Automation, an industrial automation and information provider. “Energy, critical manufacturing, water treatment, and […]

Supervisory control and data acquisition (SCADA) is crucial to contemporary power systems and is widely used in industry and defense. SCADA are computer-based systems that are used to centrally control, monitor, and analyze activities in industries and power systems. This entails real-time communication over a communication network between a central entity and the local controllers […]

Although the utility industry is the backbone of any economy, it lags in adopting the latest technologies. This is evidenced by the fact that utilities are underperforming in customer satisfaction and retention and are struggling with high operating costs. However, the emergence of new competitors and local threats is forcing utilities to align their priorities […]

We are currently witnessing the most dizzying pace of technological innovation in our lifetimes, if not ever. Our lives are becoming increasingly more digital, cutting out archaic and inefficient processes and saving time and resources in an impressive fashion. COMMENTARY In solar photovoltaic (PV), this digital shift is also occurring, albeit in a less obvious […]

Along with technology and process, this year’s Connected Plant Conference (CPC) spotlights the people driving digitalization, the holistic transformation of business models and operations into a more connected, data-driven, versatile, and efficient environment. The 7th annual conference, which took place June 25–28, 2023, in New Orleans, Louisiana, in an award ceremony, celebrated the achievements of several […]

Digitalization is now so firmly embedded in the power sector that if participants haven’t yet begun their digital journey, they’ve inherently fallen behind. That was a message repeated at the three-day 7th annual Connected Plant Conference (CPC), which took place this week in New Orleans, Louisiana. POWER magazine and Chemical Engineering magazine’s conference this year […]

Siemens Energy and Schneider Electric, two industrial control system (ICS) vendors for critical infrastructure industries, have been reportedly listed as ransomware victims by cybercrime gang CL0P, though any targeted attacks are yet unconfirmed. The ransomware gang, also known as TA505, began exploiting a vulnerability in MOVEit Transfer, an internet-facing automated file transfer web application, starting […]

It’s been two years since the historic Colonial Pipeline ransomware attack shut down one of the largest and most vital oil pipelines in the U.S. While this hasn’t been the nation’s only attack on power infrastructure, it’s the largest publicly disclosed and, at $4.4 million, it was also the most-costly. Since then, we’ve learned that […]

A tailored approach to evaluating and implementing benefit-based cybersecurity technologies for wind power plants. Recent research and development (R&D) have provided insights into cybersecurity strategies and business cases for cybersecurity investments. These findings will help renewable sector entities tailor an approach to evaluating and implementing cybersecurity technologies for wind power plants. A Cyber Resilient Reference […]

The utility industry needs to be prepared to adapt at this time of uncertainty and change, rising prices, and international turmoil. However, it is becoming more challenging to comply with regulations and

The aging energy grid is in need of an upgrade. Converging challenges, such as distributed energy resources, electric vehicles and frequent extreme weather events, are pushing our infrastructure—some of which is over a half a century old—to the limit. As grid modernization efforts move full steam ahead to meet these challenges, security implications are often […]

Physical security at power plants has received renewed concern of late, owing to a spate of gunfire vandalism events in the U.S. However, power plants have long-fielded several other physical security risks, including from terrorism, sabotage, natural disasters, insider threats, and physical breaches. Power plants have typically employed a set of physical security tools, such […]

Several major power companies have launched a software assurance database that will serve as a software bill of materials (SBOM) repository for the power industry. Part of a long-sought solution to address a critical supply chain cybersecurity risk, the collaborative effort announced on Feb. 8 seeks to help vendors identify and remediate vulnerabilities in software […]

Interrupting power grids is one of the most effective ways to cripple a town or a city. If a region can’t keep the lights on, pretty much everything must come to a halt until the issue is remedied. For this reason, the power and energy industry has become a prime target for cyberattacks on operational […]

Even more than technology and processes, power and utilities leaders must focus on that most timeless of resources—people—to be successful against a landscape of ever-evolving cybersecurity threats. Users

ARLINGTON, Va. – The Department of Energy today awarded a $15 million award to the National Rural Electric Cooperative Association to help electric cooperatives expand their cyber monitoring capabilities of their industrial control facilities. The award will be spread over three years, with $10 million disbursed in 2022 and the remaining $5 million in subsequent […]

Cybersecurity risks can occur daily, taking multiple forms. While there are personal measures that the general population can do to eliminate some of these risks, power utility companies must take a more aggressive approach to keep the communities they serve safe and their security unquestioned. COMMENTARY Should a power utility company face a cyberattack, it […]

There are no boundaries in cyberspace. That fact has accelerated sharing of threat intelligence across the defenders, but it exponentially raises the threat of cyberattacks. This reality is underscored by the war in Ukraine, “the first major conflict involving large-scale cyber operations,” according to the U.S. Cybersecurity and Infrastructure Agency (CISA). A major concern is […]

Pittsburgh, PA. (Aug. 5, 2022) — Intelligent power management company Eaton announced a cybersecurity collaboration with global leader in identity security CyberArk to enhance protection of utility transmission and distribution devices and networks. The collaboration leverages Eaton’s grid automation expertise and industry-leading approach to cybersecurity with CyberArk’s Identity Security solutions to help utilities simplify a […]

The energy and utilities sector is not just the lifeblood of the world’s economy, but fundamental to society’s existence as a whole. Yet, recent events have highlighted just how volatile and unpredictable it can be. Output is influenced by everything from weather patterns to war, and no business, consumer, or household is immune from the […]

“Cyber-physical systems” are the next generation of closely integrated physical and cyber systems. Several critical systems such as the power grid, autonomous transportation systems, and process control systems are examples of cyber-physical systems. They are liable to be attacked by malicious agents who can compromise the sensor measurements being used to control them. Indeed, there […]

An unprecedented array of risks—ranging from capacity shortfalls, extreme weather, extended drought, supply chain issues, cybersecurity, solar PV tripping, fuel constraints, to wildfires—could imperil the reliability of nearly every North American bulk power system (BPS) region west of the Midcontinent Independent System Operator (MISO) this summer, the North American Electric Reliability Corp. (NERC) warned in […]

With the advent and implementation of smart grid infrastructure across power utilities, there has been a paradigm shift in the efficiencies of the grid. The use of digital communication technology has led to high-speed communication enablement across various components as well as better data analysis and real-time control. This has proven to be advantageous not […]