cybersecurity

Beyond major reliability events that have prompted regional blackouts in the past, the U.S. grid faces “imminent danger from cyber attacks,” warns the second installation of the Obama administration’s Quadrennial Energy Review (QER). Here are other key trends outlined in the comprehensive study of the nation’s electricity system. The QER, available on the DOE web site, identifies the threats, […]

A tumultuous election year that was marked by market turmoil, the events of 2016 clearly showed that big change is afoot for the power sector. Many of POWER‘s bold predictions for 2016, such as that the near-simultaneous surge in U.S. natural gas production and recent enactment of environmental rules would reshape the U.S. power sector, […]

A joint strategy released by the governments of the U.S. and Canada to thwart the growing threat of cyberattacks on the electric grid sets three priorities that the countries said would be critical to preserving energy and national security. The “Joint United States-Canada Electric Grid Security and Resilience Strategy,” released on December 15, outlines three […]

As the U.S. enters the final stretch of what seems like an interminable presidential campaign, I’ve been thinking about the motto “ e pluribus unum” (out of many, one). That motto also applies to the power industry. The U.S. is composed of many states, individuals with family origins in virtually every part of the world, […]

  CHICAGO & FORT MONTGOMERY, NY – August 25, 2016 – S&C Electric Company, a global provider of equipment and services for electric power systems, and IPERC, an industry leader in cybersecure, intelligent microgrid control systems, today announced a definitive agreement under which S&C would acquire all outstanding common shares of IPERC. Terms of the […]

Reliability and cybersecurity ranked as the two most important issues currently confronting the electric industry, according to surveys completed by 672 qualified utility, municipal, commercial, and community stakeholders for Black & Veatch’s “2016 Strategic Directions: Electric Industry Report.” It’s not particularly surprising to see reliability rank at the top of the list. “Reliability has always […]

The Majority of ICS Components Connected to the Internet Are Located in the United States and Europe WOBURN, Mass.–(BUSINESS WIRE)–Kaspersky Lab released its report on the Industrial Control Systems (ICS) threat landscape, which revealed that large organizations likely have ICS components connected to the internet that could allow cybercriminals to attack critical infrastructure systems. The […]

The European Union (EU) parliament on July 6 approved the first community-wide rules designed to bolster cybersecurity throughout the EU. According to the official statement, the new law “lays down security and reporting obligations for ‘operators of essential services’ in sectors such as energy, transport, health, banking and drinking water supply. EU member states will […]

EEI Convention keynote speaker Keren Elazari urged electric utilities to partner with “friendly hackers.”

Ensuring the reliability of the power system is the responsibility of many industry participants. In this POWER exclusive, one regional reliability entity, the Midwest Reliability Organization, explains its role. In response to the 2003 Blackout—which affected parts of the U.S. Northeast and Midwest, plus portions of the Canadian province of Ontario—the U.S. Congress mandated adoption […]

Experts testifying during a Senate hearing on critical infrastructure security on May 18 were at odds about how vulnerable the electric grid is to a variety of threats. “The Chinese are already in our power grid. The Russians are already inside our power grid. They may lack the motivation—because of the interrelationship that we have with […]

Operators at RWE’s Gundremmingen plant northwest of Munich moved to shut down the reactor this week after malware was discovered in the plant fuel handling network. The utility said the shutdown was a precaution and the plant was not believed to be in danger. Unlike previous malware attacks on power plants this year, the infection […]

Generating companies wondering if concerns about cybersecurity are overblown got some rude wake-up calls this winter. The first call came when Ukrainian media reported that a December 23 blackout that left

External malicious actors deployed a “synchronized and coordinated” cyberattack to prompt the large-scale blackout in Ukraine last December, a U.S. interagency team has confirmed. The event on December 23, 2015— the world’s first power blackout prompted by a cyberattack—saw a swathe of unscheduled power outages afflict three regional power distribution companies (called the “Oblenergos”) and cut […]

A national action plan issued by the White House seeks to take near-term actions to enhance cybersecurity awareness and protections, including investing more than $19 billion in resources for cybersecurity. The Cybersecurity National Action Plan (CNAP) announced on February 9 is the “capstone” of more than seven years of efforts by the Obama administration to tackle […]

North America’s reserve margins are trending downward, even though electricity demand has generally fallen, the North American Electric Reliability Corp. (NERC) warned in a new report. The international regulatory authority established to gauge and improve the reliability of North America’s bulk power system (BPS) said in its annual long-term report that electricity demand has dropped […]

The U.S. Senate has approved the Cybersecurity Information Sharing Act (CISA), controversial legislation intended to block the deluge of cyberattacks by opening up communication channels between the private sector and federal agencies.   Senate Bill 754 introduced in March by Sen. Richard Burr (R-N.C.) and co-sponsored by Dianne Feinstein (D-Calif.) passed the Senate by a […]

Researchers looking at “quantifiable differences in security performance” across industries from August 1, 2014, to August 1, 2015, found “challenging performance trends” in the critical energy and utilities sector. The third annual BitSight Insights Industry Benchmark report analyzed security ratings of nearly 10,000 organizations in six industries: finance, federal government, retail, energy and utilities, healthcare, […]

The societal impact of a “Black Sky Day”—a term used by electric infrastructure security experts when discussing a collapse of the North American power grid—would be devastating, according to Dr. Daniel Baker, distinguished professor of Planetary and Space Physics at the University of Colorado, Boulder. Baker testified before two subcommittees of the U.S. House of […]

It’s certainly no secret that for many years, the power industry has been a top target for hackers around the world. However, whereas in the past, many of these attacks were relatively easy to block using

Is the sky falling? No, but are there lessons we can learn from Chicken Little? Absolutely. False alarms and fear mongering consume energy we can ill afford to waste, but should some sort of alarm be sounding

Broad, bipartisan energy legislation that would allocate federal funding to grid technology research and demonstration along with a number of other initiatives, including cybersecurity and the energy-water nexus, has cleared the Senate Energy and Natural Resources Committee with an 18–4 vote.  The committee’s chair, Sen. Lisa Murkowski (R-Alaska), and Ranking Member Sen. Maria Cantwell (D-Wash.) […]

A cyber attack on the U.S. power grid could potentially destroy dozens of generating units, leave 93 million people without power for weeks, and result in nearly $250 billion dollars in economic damage, according to a new report from Lloyd’s of London. Prepared to enable insurers to gauge and prepare for potential risks, the report […]

With unprecedented changes and challenges facing the U.S. energy sector, the Department of Energy has spearheaded a comprehensive assessment of the nation’s energy policy. Released the same day as ELECTRIC POWER 2015 opened, the first installment of this review was highlighted in the conference’s keynote address. U.S. energy infrastructure needs not just substantial investment for […]

The U.S. energy infrastructure needs not just substantial investment for the future but also considerable rethinking about its role and functions in order to be positioned to deal with a rapidly changing energy landscape and evolving threats from cyber attack and climate change. That was the message from William F. Hederman, Jr., Department of Energy […]

Cyberattacks on Korea Hydro and Nuclear Power’s (KHNP’s) computer systems last December were committed by a group of North Korean hackers, an interim South Korean investigation has concluded.  The Seoul central prosecutors office said in a March 16 statement that the malicious codes used for the nuclear operator hacking were “the same in composition and […]

President Obama’s State of the Union (SOTU) address on Tuesday night held no surprises about energy issues. The word “energy” only appeared twice in the president’s speech—once in mention of the nation’s “booming energy production” and once with regard to how we produce and use energy. The word “power” came up twice with respect to […]

Computer systems at Korea Hydro and Nuclear Power Co. (KHNP)—the operator of South Korea’s 23 commercial nuclear reactors—were hacked and information divulged via blog posts and posts on Twitter, according to the company. The first leaks on Dec. 15 were of personal information obtained from some of the 10,799 employees of the company, but later […]

Cybersecurity threats facing the power industry have escalated dramatically in the past few years, as state-sponsored, organized crime, and hacktivist groups all seek to infiltrate U.S. energy infrastructure for cyber-espionage and sabotage purposes. A recent example of the severity of this threat can be seen in operation “Energetic Bear”—a Russian campaign to infect U.S. and […]

A group of hackers apparently based in Moscow has been conducting an “ongoing cyberespionage campaign” against energy sector companies in the U.S. and Western Europe, according to a report released June 30 by computer security firm Symantec. The targets included “energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment […]