cybersecurity

Cyberattacks on Korea Hydro and Nuclear Power’s (KHNP’s) computer systems last December were committed by a group of North Korean hackers, an interim South Korean investigation has concluded.  The Seoul central prosecutors office said in a March 16 statement that the malicious codes used for the nuclear operator hacking were “the same in composition and […]

President Obama’s State of the Union (SOTU) address on Tuesday night held no surprises about energy issues. The word “energy” only appeared twice in the president’s speech—once in mention of the nation’s “booming energy production” and once with regard to how we produce and use energy. The word “power” came up twice with respect to […]

Computer systems at Korea Hydro and Nuclear Power Co. (KHNP)—the operator of South Korea’s 23 commercial nuclear reactors—were hacked and information divulged via blog posts and posts on Twitter, according to the company. The first leaks on Dec. 15 were of personal information obtained from some of the 10,799 employees of the company, but later […]

Cybersecurity threats facing the power industry have escalated dramatically in the past few years, as state-sponsored, organized crime, and hacktivist groups all seek to infiltrate U.S. energy infrastructure for cyber-espionage and sabotage purposes. A recent example of the severity of this threat can be seen in operation “Energetic Bear”—a Russian campaign to infect U.S. and […]

A group of hackers apparently based in Moscow has been conducting an “ongoing cyberespionage campaign” against energy sector companies in the U.S. and Western Europe, according to a report released June 30 by computer security firm Symantec. The targets included “energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment […]

At the Edison Electric Institute (EEI) annual meeting this week in Las Vegas, the tone was one of collaboration with partners from Washington to distributed generation companies. Those partnerships will be needed as the investor-owned utility (IOU) industry fights not so much a war on coal as a war for mindshare and wallet share in […]

Generators of electric power face a big effort to comply with the upcoming North American Electric Reliability Corp. Critical Infrastructure Protection (NERC CIP) Version 5 (V5) cybersecurity standards

For the first time ever, the U.S. has filed criminal charges against known state actors for hacking U.S. interests. A grand jury in the Western District of Pennsylvania indicted five Chinese military hackers for computer hacking, economic espionage, and other offenses directed at six American victims in the U.S. nuclear power, metals, and solar products […]

Of 257 cyber incidents reported by asset owners or trusted partners to the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in 2013, an overwhelming 56% occurred in the energy sector, exceeding all incidents reported in other sectors combined.  Notably, ICS-CERT last year responded to a “major cyber intrusion campaign” from […]

The National Institute of Standards and Technology (NIST) today released its final version of a national framework for improving critical infrastructure cybersecurity. The “living” document will be updated as industry reports back on its implementation. The “Framework for Improving Critical Infrastructure Cybersecurity” is essentially composed of a core, tiers, and profiles. The core presents five […]