• North Korea sent spear phishing emails to U.S. electric companies

    Cybersecurity firm FireEye says it can confirm that the company’s devices detected and stopped spear phishing emails sent on 22 September 2017 to U.S. electric companies by “known cyber threat actors likely affiliated with the North Korean government.” The activity was early-stage reconnaissance, and not necessarily indicative of an imminent, disruptive cyberattack that might take months to prepare if it went undetected (judging from past experiences with other cyber threat groups).

  • Bipartisan bill to help secure the electric grid

    Last week, a bipartisan group of lawmakers introducing H.R. 3855, the Securing The Electric Grid to Protect Military Readiness Act of 2017. H.R. 3855, if enacted, would require the Secretary of Defense, in coordination with the Director of National Intelligence, and the Secretaries of Energy and Homeland Security, to submit to Congress a report detailing significant security risks to defense critical electric infrastructure posed by malicious cyber-enabled activities.

  • Strengthening the cybersecurity of the grid

    As the U.S. electricity grid continues to modernize, it will mean things like better reliability and resilience, lower environmental impacts, greater integration of renewable energy, as well as new computing and communications technologies to monitor and manage the increasing number of devices that connect to the grid. However, that enhanced connectivity for grid operators and consumers also opens the door to potential cyber intrusions. New project aims to mitigate vulnerabilities introduced by rooftop solar panels integrated with the grid.

  • Circuit simulation methods protect the power grid

    In December 2015, Russian hackers pummeled Ukraine’s power grid, disrupting the flow of electricity for nearly a quarter-million Ukrainians. Then, in December 2016, roughly a year after the first attack, the hackers struck again. But this time, they targeted an electric transmission station in Kiev, the capital of Ukraine. Each cyberattack lasted no more than six hours, but security experts were still alarmed: hackers had just demonstrated their ability to infiltrate the grid and drastically alter the flow of society. Americans began to worry. If hackers could target Ukraine, then what would stop them from targeting other countries in western Europe or even the United States?

  • Using AI to prevent, minimize electric grid failures

    A project led by the Department of Energy’s SLAC National Accelerator Laboratory will combine artificial intelligence with massive amounts of data and industry experience from a dozen U.S. partners to identify places where the electric grid is vulnerable to disruption, reinforce those spots in advance, and recover faster when failures do occur. It is the first project to employ AI to help the grid manage power fluctuations, resist damage and bounce back faster from storms, solar eclipses, cyberattacks, and other disruptions.

  • Western energy sector target of sophisticated attack by Russian-linked group Dragonfly

    The energy sector in Europe and North America is being targeted by a new wave of cyberattacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. The group has been in operation since at least 2011 but has re-emerged over the past two years from a quiet period following exposure by Symantec and a number of other researchers in 2014. This “Dragonfly 2.0” campaign, which appears to have begun in late 2015, shares tactics and tools used in earlier campaigns by the group.

  • North Korea threatens EMP attack on U.S.

    North Korea’s relentless march toward acquiring the capability to place a hydrogen bomb on top of an ICBM will soon pose a threat to all major U.S. cities. There is another threat that marrying of a hydrogen bomb to a powerful rocket poses: An EMP threat. The North Koreans could launch a missile into the upper atmosphere, then detonate a high-yield hydrogen bomb in space in order to generate an electromagnetic pulse, or EMP, which would shut down the U.S. power grid and damage electrical devices. Experts testifying before the Congressional EMP Commission said that in the event of a massive EMP attack on the United States using multiple high-yield warheads, around 90 percent of the American population would be dead after eighteen months due to famine, disease, and societal breakdown.

  • New tool could ease burden on U.S. overworked energy grid

    Home may be where we can make the most difference when it comes to American energy usage — households account for nearly one-third of the country’s overall power consumption according to the U.S. Energy Information Administration. A new model may be just the answer to help government and industry leaders alleviate our overworked energy infrastructure.

  • Protecting the power grid from low-budget attacks

    Cyberattacks against power grids and other critical infrastructure systems have long been considered a threat limited to nation-states due to the sophistication and resources necessary to mount them. Last week, at the Black Hat USA 2017 conference in Las Vegas, a team of researchers challenged that notion by disclosing vulnerabilities in a component that combined with publicly available information provide sufficient information to model an advanced, persistent threat to the electrical grid.

  • A model using big data predicts and prevents power outages

    High-speed winds during a thunderstorm may cause trees around an electric grid to crash into the distribution system feeders causing an outage in that area. Currently, most utility companies diminish such accidents by scheduling regular tree-trimming operations. This effort is costly and is based on a rotational approach to different service areas, which may take months and sometimes years before all trees are trimmed. researchers have developed an intelligent model that can predict a potential vulnerability to utility assets and present a map of where and when a possible outage may occur. The predictive feature allows the trees in the most critical areas with the highest risk to be trimmed first.

  • Aging power plants provide U.S. with environmental risks, economic opportunities

    When it comes to the current plans to retire U.S. power plants, researchers believe we are “running towards a cliff with no fence.” The researchers examined more than a century of power plant construction and retirement data. They found that power plant retirement trends will complicate achieving long-term carbon dioxide (CO2) emission reduction targets and require a significant increase in capital investments. Additionally, a shift in investment emphasis from adding megawatts of generating capacity at low cost to reducing tons of CO2 emissions is creating an imbalance that may pressure grid reliability over the next two decades.

  • U.S. electric grid remains vulnerable to natural disasters, cyber- and physical attacks

    The grid remains vulnerable to diverse threats that can potentially cause extensive damage and result in large-area, prolonged outages that could cost billions of dollars and cause loss of life, the report found. Experts recommend ways to make the grid more resilient through the development and demonstration of technologies and organizational strategies that minimize the likelihood that outages will happen, reduce the impacts and speed recovery if they do, all the while developing mechanisms for continual improvements based on changing threats.

  • U.K. energy firms hacked by Russian government hackers: U.K. spy agency

    A leaked U.K. government memo says that in the wake of the 8 June general election, the U.K. energy industry is “likely to have been compromised” by Russian government hackers. The report, produced by the National Cyber Security Centre (NCSC) – the British equivalent of the U.S. NSA — warns that the British intelligence service had spotted connections “from multiple U.K. IP addresses to infrastructure associated with advanced state-sponsored hostile threat actors.”

  • “Smart” transformers could make reliable smart grid a reality

    The idea of a smart grid that can handle power flows not just from the power company to our homes, but also back from our homes to the power company has been around for years. Among other benefits, such a grid would improve efficient use of renewable energy and storage. But, to date, the smart grid has been mostly conceptual. The new study indicates that it could move from concept to reality in the near future, using technology that already exists. The key technology is solid-state transformers (SST).

  • Stuxnet, the sequel: Dangerous malware aims to disrupt industrial control systems

    A cybersecurity firm has identified a new, dangerous malware, dubbed Industroyer, capable of performing an attack on power supply infrastructure. The malware was likely involved in the December 2016 cyberattack on Ukraine’s power grid that deprived part of its capital, Kiev, of power for over an hour. is capable of directly controlling electricity substation switches and circuit breakers. It uses industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure. The potential impact may range from simply turning off power distribution, triggering a cascade of failures, to more serious damage to equipment.