Collaborate Disseminate
Government leaders should align across agencies with a consistent approach that empowers critical infrastructure owners and operators.
The post Building the right collective defense against cyberattacks for critical infrastructure appeared first on CyberScoop.
The collaboration unfolded at the cybersecurity conference in Las Vegas where more than 1,700 attendees attempted to outsmart DOD technology.
The post Pentagon put microgrid technology to the test at DEF CON, drawing on hackers’ ingenuity appeared first on CyberScoop.
Russian losses near Kyiv and a looming onslaught in eastern Ukraine may be a factor in the attack, a Ukrainian official said.
The post Russian hackers thwarted in attempt to take out electrical grid, Ukrainians say appeared first on CyberScoop.
Continue reading Russian hackers thwarted in attempt to take out electrical grid, Ukrainians say
Gripped as we are at the time of this writing by a historic heatwave, it’s hard for those of us in the western United States to picture a time when …read more Continue reading Black Starts: How the Grid Gets Restarted
Once upon a time, the consensus was that renewable energy was too expensive and in too sparse supply to be a viable power source to run our proud, electrified societies …read more Continue reading South Australia vs. Too Much Home Solar
About a quarter of roughly 1,500 electric utilities sharing data with the North American power grid regulator said they installed the malicious SolarWinds software used by suspected Russian hackers, the regulator said on Tuesday. The electric utilities did not report any significant follow-on activity from the hackers, but the broad exposure of the sector points to the challenges of protecting utilities from supply-chain breaches. A minority of the electric-sector organizations that downloaded the malicious code used the affected SolarWinds software in their “operational technology” networks, a broad term for more sensitive software and hardware used to manage industrial operations, according to the North American Electric Reliability Corp. NERC is a not-for-profit regulatory authority backed by the U.S. and Canadian governments. But Manny Cancel, a senior vice president at NERC, said clear communication on the espionage campaign from the U.S. government helped the sector to reduce its exposure to any […]
The post Hundreds of electric utilities downloaded SolarWinds backdoor, regulator says appeared first on CyberScoop.
Continue reading Hundreds of electric utilities downloaded SolarWinds backdoor, regulator says
A major supplier of U.S. electrical equipment has joined a Department of Energy-funded research program to defend industrial infrastructure from hacking, the Biden administration announced Thursday. As part of the program, Schweitzer Engineering Laboratories, which makes gear that helps power the grid, will submit products for testing to the Idaho National Laboratories (INL). The Department of Energy-backed INL hosts some of the U.S. government’s most talented penetration testers of industrial equipment. The program is “especially [important] now with nation-states paying particular interest to the electric sector,” David Whitehead, Schweitzer’s chief executive, said in an interview. The vulnerability-testing initiative is known as the Cyber Testing for Resilient Industrial Control System (CyTRICS) program, and has been in the works for at least two years. But it has taken on greater importance amid reports of a growing number of foreign hacking groups probing industrial control systems, the hardware and software that underpin energy systems. […]
The post Electric equipment giant Schweitzer joins US testing program to defend grid from hacking threats appeared first on CyberScoop.
The North American electric grid regulator has asked utilities to report how exposed they are to SolarWinds software that is at the center of a suspected Russian hacking operation, and the regulator advised utilities that the vulnerability “poses a potential threat” to parts of the power sector. The North American Electric Reliability Corp. (NERC), a not-for-profit regulatory authority backed by the U.S. and Canadian governments, said in a Dec. 22 advisory to electric utilities that there was no evidence indicating that the malicious tampering of SolarWinds software had impacted power systems. But the fact that software made by Texas-based firm SolarWinds is used in the electric sector has made vigilance important, according to NERC. “At this time, NERC is not aware of any known impacts to bulk power system (BPS) reliability or system outages related to the SolarWinds compromise,” reads the advisory, which CyberScoop obtained. “However, the presence of SolarWinds […]
The post Grid regulator warns utilities of risk of SolarWinds backdoor, asks how exposed they are appeared first on CyberScoop.
The U.S. government officials trying to test the country’s ability to respond to a major cyberattack thought they had pulled out all the stops. Engineers had planned to simulate the kind of security incident that would cause an electrical blackout, after all, and had even planned to hold the event on an isolated island off the coast of New York. Even with all that preparation, a once-in-a-century pandemic still wasn’t in the script. Until this year, National Guard personnel, Pentagon contractors and engineers at big U.S. utilities would typically gather in person to run through exercises involving dire scenarios, from a weeks-long power outage to a mock attack on utility computers that appeared to delete data. In October, though, COVID-19 forced planners from the departments of Defense and Energy to figure out how to run the event virtually, with participants plugged in from around the country. And they used the […]
The post How the US military used a creepy island to test cyberattacks on the grid — in the middle of a pandemic appeared first on CyberScoop.
Executives from multiple U.S. electric utilities on Monday convened a phone call to discuss a critical vulnerability in software made by SolarWinds, the federal contractor at the heart of an apparent cyber-espionage operation. The briefing, hosted by an industry-government group known as the Electricity Subsector Coordinating Council, is just one example of the wide ripple effects of the malicious tampering of SolarWinds’ software by suspected state-sponsored hackers. The SolarWinds compromise has led to the reported breaches of multiple U.S. federal agencies, including the departments of Treasury and Homeland Security. The affected software is widely used in the electricity, oil and gas and manufacturing sectors, and the process of assessing some organizations’ exposure to the bug has only just started. “We have to make sure we’re breaking down some of these concepts so they understand the impact to them as critical infrastructure owners and operators,” said one U.S. official involved in […]
The post SolarWinds breach has industrial firms checking their networks for vulnerabilities appeared first on CyberScoop.
Continue reading SolarWinds breach has industrial firms checking their networks for vulnerabilities