cybersecurity

In January 2021, a hacker accessed the digital infrastructure controlling the water supply for Oldsmar, a Florida city of 15,000 people. The bad actor attempted to manipulate the city’s water supply, exploiting a vulnerability in the company’s IT-grade remote access software to alter levels of sodium hydroxide in the water supply, raising its concentration to […]

Executive Summary Electric utilities face unprecedented cybersecurity challenges as attacks grow more frequent, complex, and targeted. Once considered an IT issue, cybersecurity is now central to maintaining grid reliability, customer trust, and regulatory compliance. This white paper examines the critical vulnerabilities within meter data management systems and the operational, financial, and reputational risks utilities face […]

For the better part of the past decade, utility companies have been more concerned with the potential for outages than cyberattacks, but this has changed over the past several months. The Colonial Pipeline ransomware attack and the remote cyberattack on a Florida water treatment plant put cybersecurity top-of-mind and made it clear hackers can do […]

In December 2020, the U.S. Department of Energy announced a new subcommittee focused on the nation’s electric grid. The Grid Resilience for National Security subcommittee was a response to increasing threats to the country’s expansive electric grid that reliably delivers electricity to power the digital age. Today, those threats are even more relevant than ever […]

Cyberattacks on the U.S. energy system threaten our national security and way of life. While the sources of such risks may be debatable, the threats are real and the potential consequences are grave. Former

  COMMENTARY Supply chain security is top of mind these days for policymakers and regulators focused on protecting the utility industry and other critical infrastructure. A cyber vulnerability with a single supplier can take down an entire supply chain network and the entities that use its products. The organizations that support and supply products and […]

The Biden administration is moving to add more safeguards to the nation’s critical infrastructure by establishing a new voluntary public-private collaboration that will focus wholly on industrial control systems (ICS) cybersecurity. The administration formally launched the “Industrial Control Systems Cybersecurity Initiative” in the “National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems” signed by […]

IBM Security reported on July 28 that the average cost of recent data breaches was $4.24 million per incident, the highest cost ever recorded by the company in 17 years of tracking the metric. Notably, data breaches in the U.S. were by far the costliest, exceeding $9 million per incident on average. The findings were […]

In early May 2021, a Russian cyber-criminal group hit Colonial Pipeline, the largest U.S. oil and natural gas pipeline system, with a devastating ransomware attack. The exploit maliciously encrypts computer files, making them inaccessible unless the victim pays a ransom. To contain the threat, Colonial was forced to temporarily shut down portions of its operations […]

How do you protect yourselves from cybercriminals that plan to hold your organization for ransom? These criminals are intelligent, extremely computer literate, and know that production facilities, the utility sector, and mainly the power sector are ripe for ransom threats. The criminal hack organization known as DarkSide created a malicious computer code that resulted in […]