Federal incentives could help utilities overcome major cybersecurity hurdle: money

A new rule that would give electric utilities incentives for investing in cybersecurity is set to go into effect next month.

The post Federal incentives could help utilities overcome major cybersecurity hurdle: money appeared first on CyberScoop.

Voluntary Biden administration control system security initiative coming to water sector

The Biden administration announced Thursday it is extending a voluntary cybersecurity initiative for essential control systems in the electricity sector and pipelines to facilities that supply water across the U.S. Under the initiative, the administration is pushing participating water sector facilities to adopt detection technologies that would monitor cyber threats to industrial control systems (ICS), which automate processes such as the treatment, storage and distribution of water. It’s also urging them to more rapidly share threat data with the U.S. government. The 100-day plan will first aim to bring in larger facilities. The water sector, which includes what a senior administration official estimated at over 150,000 facilities that provide water to approximately 300 million Americans, has long been considered one of the most vulnerable in the U.S. to cyberattacks. A hack last February on a facility in Florida temporarily altered the plant’s sodium hydroxide setting to a level harmful to […]

German intelligence agencies warn of Russian hacking threats to critical infrastructure

A Kremlin-linked hacking group has continued its long-running efforts to target German companies in the energy, water and power sectors, according to a confidential German government advisory obtained by CyberScoop. Investigators earlier this year uncovered evidence of the hackers’ “longstanding compromises” at unnamed German companies, according to the memo that German intelligence and security agencies sent last week to operators of critical infrastructure. The hacking group — dubbed Berserk Bear and suspected by some industry analysts of operating on behalf of Russia’s FSB intelligence agency — has been using the supply chain to access the German companies’ IT systems, said the alert from the BSI, BND, and BfV federal agencies. “The attackers’ goal is to use publicly available but also specially written malware to permanently anchor themselves in the IT network…steal information or even gain access to productive systems [OT networks],” the advisory said. There was no evidence of a disruptive attack […]

European power grid organization says its IT network was hacked

The organization that ensures coordination of European electricity markets said Monday that its IT network had been compromised in a “cyber intrusion.” The European Network of Transmission System Operators for Electricity (ENTSO-E), whose members include large electric transmission operators across the continent, “recently found evidence of a successful cyber intrusion into its office network,” the organization said in a terse statement. The compromised office network is not connected to any operational electric transmission system, ENTSO-E said, meaning the attack was confined to IT systems and did not impact critical control systems. “A risk assessment has been performed and contingency plans are now in place to reduce the risk and impact of any further attacks,” the ENTSO-E said, adding that its members were apprised of the situation. CyberScoop sent ENTSO-E’s press office a list of questions including when the digital intrusion began and who might be responsible for the attack. “For obvious […]

State Department pledges $8 million more in cybersecurity aid to Ukraine

U.S. military assistance to Ukraine sparked an impeachment inquiry, but U.S. cybersecurity aid to the Eastern European country continues to flow, unimpeded and under the radar. The State Department on Tuesday announced an additional $8 million in cybersecurity funding for Ukraine, whose electric utilities sector has twice been struck by Russia-linked hackers in recent years. One of those cyberattacks, in 2015, plunged a quarter of a million Ukrainians into darkness. Ever since then, Washington has tried to ramp up Ukraine’s cyberdefenses with funding and strategic advice, including through a project to help Ukraine develop a national cybersecurity strategy. Some of the new funding will be used for building out Kyiv’s legal and regulatory framework for improving cyberdefenses, the State Department said. The new money is on top of the $10 million in cybersecurity aid the U.S. previously pledged to Ukraine. MITRE Corp., a federally funded not-for-profit, has been contracted […]

New research shows more utility companies are being targeted by phishing emails

A set of possibly state-sponsored hackers has targeted a much longer list of U.S. utility-sector organizations than previously documented, according to cybersecurity company Proofpoint, underscoring the steady interest that well-resourced hackers have in U.S. critical infrastructure. From April to August, the unidentified hackers have targeted at least 17 entities in the sector, Proofpoint said. The tally jumped from the three utilities the company reported on in August after a fresh batch of phishing emails was found. Proofpoint is unsure who is behind the spearphishing attempts, but described the activity as an “advanced persistent threat” campaign — a label used to denote state sponsorship. Proofpoint has said there are similarities between macros used by the attackers and activity last year from APT10, a group tied to China’s civilian intelligence agency. The link between the two, however, is far from conclusive. “Our analysts did not observe additional code overlap or infrastructure reuse […]

A potentially state-sponsored hacking campaign tried to phish U.S. utilities in July, researchers say

Hackers that may be state-sponsored tried to spearphish three companies in the U.S. utility sector last month, cybersecurity company Proofpoint said Thursday. The malware-laced emails were sent from July 19 to July 25 and appeared to impersonate a national association that facilitates engineering exams, Proofpoint researchers said. A Microsoft Word document attached to the emails contained a remote access trojan capable of deleting files, taking screenshots, rebooting a machine, and deleting itself from an infected network, among other attributes. The researchers did not say if the hackers were able to compromise the utility companies. A person familiar with the matter told CyberScoop that at least one of the three organizations was able to block and mitigate the activity. That person did not have knowledge of the other two organizations that were targeted. It is also unclear who is behind the phishing operation. There are similarities between the macros used in this […]

Power struggle: Government-funded researchers investigate vulnerabilities in EV charging stations

Charging stations for electric cars have sprung up across the country in recent years as hybrid vehicles continue to gain popularity. As those stations carry more wattage, their potential effect on local power flows has grown. The trend caught the eye of researchers at a top government cybersecurity lab, who have embarked on a multiyear project to learn how hacking a charging station might disrupt the quality and flow of power through a local grid. Kenneth Rohde, a cybersecurity researcher at the Idaho National Laboratory, explained the project to a room of engineers and hard-hat hackers at the S4 Conference last month in Miami. In a video, Rohde approached a charging station and ran an attack on the human machine interface (HMI), which affects the charging process by communicating with a control system. “Now you’ll see this power meter is jumping all over the place,” Rohde said. He executed […]

Electric utilities use red-teaming, AI to prepare for advanced threats

The U.S. electric industry has responded to a steady stream of cyberthreats with more rigorous red-teaming and by using artificial intelligence, utility executives said. “We’re penetrating our own system to ensure that we are moving the envelope,” said Brian Harrell, Duke Energy Corp.’s managing director of enterprise protective services. “We’re trying to find the vulnerabilities before anyone else does.” “Just yesterday I [was] having a six-hour conversation with the FBI about somebody trying to penetrate our system,” Harrell said Friday at an event at George Washington University’s (GWU) Center for Cyber and Homeland Security. “These are the kinds of things that are happening on a day in and day out basis.” Harrell told CyberScoop that Duke Energy, which has 7.6 million customers across six states, is still responding to the security incident, declining to go into detail. The episode could turn out to be insignificant, he said, but is nonetheless […]

Trump advisers: key industries need separate systems in wake of cataclysmic event

The U.S. needs special communications networks for its most critical industries, including physically separate fiber systems and spectrum reserved for them to use in an emergency, to guard against a major attack, an industry advisory committee recommended in a report Tuesday. “We find ourselves in a pre-9/11-level cyber moment, with a narrow and fleeting window of opportunity to coordinate our resources effectively” before a major attack, states the report, which was adopted Tuesday by the National Infrastructure Advisory Council. The report was mandated in President Donald Trump’s recent executive order on cybersecurity. As the report notes, “Cyber is the sole arena where private companies are the front line of defense in a nation-state attack on U.S. infrastructure,” and the council — made up mostly of current or former business executives, with a few former government officials thrown in — is designed to help bring to government deliberations the perspective of those private companies that run […]
