cybersecurity

The U.S. Department of Energy (DOE) over the past two weeks has made a string of funding announcements, including nearly a half-billion dollars of new investment in power-related initiatives. The funding backs advancements in cybersecurity, advanced nuclear, solar, bioenergy, fuel cells, geothermal, and energy storage. $25 Million for Cybersecurity.On April 16, the DOE’s Office of […]

Malware-based attacks against utilities and power plants are increasing six-fold according to a recent federal report. Power plants have become an appealing target because of a lack of detection and monitoring

Lawmakers, industry, and government entities, including the Department of Energy (DOE) and the National Institute of Standards and Technology (NIST), this week released a string of measures responding to mounting cybersecurity attacks by state-sponsored actors. A Revised Cybersecurity Framework On April 16, the Commerce Department’s NIST, a federal standards laboratory, released an updated version of […]

Russian state-sponsored cyber actors are exploiting routers and other network infrastructure devices worldwide to conduct man-in-the-middle attacks that specifically target critical infrastructure providers and other sectors, the U.S. Department of Homeland Security (DHS), the FBI, and the UK’s National Cyber Security Centre (NCSC) warned in a new joint technical alert. In the U.S. Computer Emergency […]

  Defense-in-depth is a concept that is already widely deployed by many organizations within their IT infrastructures. However, many organizations do not apply it to their industrial control system (ICS) operations, owing mostly to obscure protocols. But as IT and ICS architectures converge and high-profile cybersecurity incidents mount, a robust, holistic defense-in-depth solution may be […]

The energy industry must work together to restore trust in the digital age.   When Hurricane Harvey hit, Houston knew what to do. Emergency response plans went immediately into effect to save lives and jump-start a long recovery. But as energy leaders convene here in the world’s energy capital for CERAWeek, we need to ask […]

Russian government cyber threat actors have infiltrated workstations and servers of corporate networks containing data output from industrial control systems (ICS) or supervisory control and data acquisition (SCADA) systems associated with an unnamed number of power plants, the Department of Homeland Security (DHS) has warned. The dire warning issued by the agency’s U.S. Computer Emergency […]

Though increasingly serious cybersecurity threats loom, nearly two-thirds of U.S. industrial control system (ICS) vulnerabilities identified in 2017 could cause severe operational impact if exploited, cybersecurity firm Dragos Inc. warned in a series of reports published March 1. The reports, which cover ICS vulnerabilities, ICS threats, and reactions to existing threats, draw a dire picture […]

Researchers have successfully demonstrated an open-source supervisory control and data acquisition (SCADA) system designed to withstand attacks and compromises on the power grid. The intrusion-tolerant system—called “Spire”—keeps power flowing even if part of the system is compromised, and it may be a breakthrough for grid resiliency, industry observers said. Spire was built from the ground […]

Cybersecurity threats have increased dramatically as sophisticated, nation-state developed hacking programs have been leaked to the general public. Now, common criminals have high-tech tools at their disposal with the capability to cause serious damage. As such, the power industry must take precautions and upgrade security to keep systems safe. While regulations provide a minimum security […]

  A newly established U.S. Department of Energy (DOE) office dedicated to cybersecurity, energy security, and emergency response may be a signal that it is elevating its focus on emerging grid threats. The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) will use $96 million in funding included in President Trump’s Fiscal Year 2019 budget […]

100% of survey respondents say their cybersecurity function is not fit for purpose Utilities struggle to monitor their digital ecosystem more than all other sectors 85% of respondents say they don’t have a robust incident response program  LONDON, 31 JANUARY 2018. All utilities organizations surveyed in the latest EY Power and Utilities Global Information Security […]

Cybersecurity is a topic covered frequently in the pages of POWER magazine, and one that all power plants need to take seriously. A recent simulation proved that the consequences of a hack can be grave. The drill took place in Sweden, but could have been conducted anywhere in the world. The attack used plant control […]

FoxGuard Solutions and Security Matters partner to provide a new cyber secure industrial computing solution to the energy industry. CHRISTIANSBURG, Va. (January 18, 2018) — FoxGuard Solutions, Inc. announced the release of GRID-FS1, a new fanless rugged industrial computer for substation application. Designed to meet IEC 61850-3 and certified for IEEE 1613,  the GRID-FS1 is […]

 The Federal Energy Regulatory Commission (FERC) has proposed a revision of the Critical Infrastructure Protection (CIP) Reliability Standards to enhance awareness of existing or developing cybersecurity threats to the nation’s energy infrastructure. FERC issued a Notice of Proposed Rulemaking (NOPR) on December 21 that directs the North American Electric Reliability Corp. (NERC) to broaden CIP-008-5 […]

Unmanned aerial systems—drones—have quickly found their place in the power sector. But as the industry moves out of test cases and experiments, and into full implementation of drones, it is facing a whole

Utilities across the country are gearing up for an attack on the power grid November 15 and 16. Thankfully, it’s only a drill. But in the event of an actual emergency, a real physical and cyberattack on the U.S. electricity infrastructure, GridEx IV—a biennial exercise conducted by the North American Electric Reliability Corp. (NERC)—will help […]

Organizations across every industry today face a wide range of cyber threats and serious security challenges from various vectors. A top concern among these is the persistence cybersecurity experts are seeing

A report released by the Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) outlines a number of solutions and general best practices to thwart infiltration by the ongoing Dragonfly cyberattack campaign, which it says is targeting operational technology personnel. (For an in-depth story on that report, see: “DHS, FBI Identify Tactics in Cyberattack […]

The Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) warned in an e-mail on October 20 that an ongoing cyberattack campaign is targeting the nuclear, energy, and other critical infrastructure sectors since at least May 2017—with results ranging from cyber espionage to the ability to disrupt energy systems in the event of […]

The Midland Cogeneration Venture (MCV) in Midland, Michigan, is the largest natural gas-fired combined electrical energy and steam energy generating plant in the U.S. It is capable of continuously producing

Siemens, a global engineering and technology leader, and PAS Global, the leading provider of industrial control system (ICS) cybersecurity solutions, announced an agreement to provide fleet-wide, real time monitoring for control systems. By leveraging the unique capabilities of both companies, this partnership will provide customers with: (1) deep analytics required to identify and inventory proprietary assets; and (2) visibility […]

Strategic partnership to augment customers’ ability to stop breaches and proactively detect and mitigate security risks SUNNYVALE, Calif., July 18, 2017 – CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced a joint Services go-to market partnership with Dragos, the renowned Industrial control system (ICS) cybersecurity experts. Today, CrowdStrike Services offers industry-leading cyber readiness assessments, […]

Understanding the threat posed to industrial control systems (ICSs) by malware is difficult. It requires knowledge of proper ICS functionality in order to identify illegitimate software. One industrial

New technology is being used throughout the power industry to improve plant efficiency, predict trouble with degrading equipment, forecast weather trends, and train workers. A recent conference hosted by POWER

What it means to have a secure energy generating facility has changed in recent years as the threat of cyberattacks grows. As the nation’s energy sector becomes increasingly interconnected, it is more

Several European countries have moved to adopt distinct cybersecurity measures as a result of the increased interconnectivity within Europe’s energy system along with a changing paradigm that includes decentralized power sources, the integration of electric vehicles, new digital infrastructure, and connected operational technology. According to a 2016 survey by the European Commission, at least 80% […]

Security issues are second only to cost concerns when energy generators consider the risks related to implementing connected technology at their power plants, according to a February 15 poll of the audience at POWER’s Connected Plant Conference. However, continued improvements in available cybersecurity systems are quickly reducing those risks, Stan Schneider, CEO of Real-Time Innovations, […]

As concerns about grid security increase globally, it’s a good time to review the history, scope, and effect of North American electric system reliability standards. As the threat landscape changes, standards alone are not enough. Mandatory. That’s the key word in the Energy Policy Act of 2005 (EPAct) where grid security is concerned. Within two […]

A bill to protect the U.S. power grid from cyber-attacks reintroduced by members of the U.S. Senate Intelligence Committee urges a “retro” approach to cybersecurity using a novel analog “disrupter” technology to guard computer-connected operating systems. U.S. Senators Jim Risch (R-Idaho) and Angus King (I-Maine) on January 10 renewed their support of the Securing Energy […]