What’s holding back operational excellence in the utility sector?

OpenText Information Management

Once upon a time, the utility industry was a relatively simple place to be. It was all about the safe and consistent generation and distribution of energy with good capacity planning, minimal outages and happy customers. Governments and industry bodies got busy with new legislation … The post What’s holding back operational excellence in the utility sector?

Coronavirus-themed campaign targets energy sector with PoetRAT

Security Affairs

Threat actors employed the previously-undetected PoetRAT Trojan in a Coronavirus-themed campaign aimed at government and energy sectors. . The attacks targeted the Azerbaijan government and utility companies, the malicious code was designed to infect supervisory control and data acquisition (SCADA) systems, broadly used in the energy and manufacturing industries. .

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybersecurity in utilities: Critical questions for securing distributed energy resources (DERs)

CGI

Cybersecurity in utilities: Critical questions for securing distributed energy resources (DERs). The energy transition is driving a shift toward the increasing use of distributed energy resources (DERs). DERs are smaller power-generation resources, usually located on the consumer side, that provide energy where it is needed. From a cybersecurity perspective, DERs pose new and unique challenges for utilities.

Document Storage for the Energy Industry

Armstrong Archives

If you work in the energy industry, it comes as no surprise that it’s one of the most heavily regulated. To comply with government regulations, an energy company might have tens of thousands of documents that need to be physically stored, scanned or destroyed. Utilize a company that will inventory items with barcoding. The post Document Storage for the Energy Industry appeared first on Armstrong Archives, LLC.

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

Security Affairs

The Israeli government has issued an alert to organizations in the water sector following a series of cyberattacks that targeted the water facilities. ” reads the alert issued by the Israeli government. “The system calls on companies and entities in the energy and water sectors to immediately exchange passwords from the Internet to the control systems, reduce Internet connectivity and ensure that the most up-to-date version of controllers is installed.”

NERC $10,000,000 Fine of Public Utility Highlights the Need for Cybersecurity Preparedness and CIP Compliance Programs

Data Matters

On January 25, 2019, the North American Electric Reliability Corporation (“NERC”) asked the Federal Energy Regulatory Commission (“FERC”) to approve a settlement issuing a record $10 million fine against an unidentified utility resulting from violations of critical infrastructure protection standards (“CIP”) occurring mostly between 2015 and 2018 (referred to hereafter as the “Settlement Agreement”). Cybersecurity Energy Enforcement Information Security National Security

Utilities Digital Journey Insights (Part 4): Utilities’ pursuit of new business models accelerates

CGI

Utilities Digital Journey Insights (Part 4): Utilities’ pursuit of new business models accelerates. Some utilities even provide vehicle-to-grid services and home energy management systems to help consumers manage their electricity usage. To seize these new business opportunities, utilities are increasing investments in new products and services, making it the second largest IT spend driver and a top innovation investment (73%) over the next three years.

DHS Officials: Hundreds of US Utility Victims Infiltrated by Russian Hackers

Dark Reading

Federal government officials up their count of US energy sector victims from dozens to hundreds, according to a Wall Street Journal report

Strategize your next move to become a utilities leader, delivering value at scale and pace

CGI

Strategize your next move to become a utilities leader, delivering value at scale and pace. In 2019, our CGI Client Global Insights reveal, once again, that utilities are making considerable progress in their digital transformation journey, with 92% of executives now reporting their organization has a defined digital strategy in place. However, a fundamental question remains: Are utilities producing results from their digital strategies?

Tiao Discusses Utilities’ Concerns in Sharing Information with the Government

Hunton Privacy

Tiao was featured on Platts Energy Week discussing the importance of the homeland security partnership between electric utility companies and the U.S. government. Utilities Wary of Sharing Grid Risks,” Tiao talked about the recent leak to The Wall Street Journal of a sensitive internal memo at the Federal Energy Regulatory Commission that revealed potential vulnerabilities in the electricity grid. View the Platts Energy Week feature with Paul Tiao.

Key strategies and technologies to help utilities respond to a “storm” never seen before

CGI

Key strategies and technologies to help utilities respond to a “storm” never seen before. For more than three decades, I served at a leading electric utility, responding to numerous storms to keep the lights on for customers and to support critical infrastructure. I thank them for their tireless service to ensure a reliable energy supply for all of us. While utilities are accustomed to managing crises, COVID-19 brings new challenges.

Lessons for In-House Counsel from Cybersecurity’s Front Lines

HL Chronicle of Data Protection

Indeed, in just the past few years, a variety of cyber adversaries have attacked financial institutions, social media sites, a movie studio, hospital systems, a peer-to-peer ridesharing company, the Democratic National Committee, hotel chains, city governments, educational institutions, telecommunications and energy utilities, prominent retailers, manufacturers, and even the mobile app of a well-known coffee and donut chain.

Do You Have the Right Stuff to Transition to Information Governance?

ARMA International

Follow this trajectory and you’ll push the envelope toward information governance (IG) and position yourself as a Very Important Person in your enterprise. all of which require the same disciplines we utilize when managing our records. Truth is, most organizations take a long time to figure out what this client figured out: that most of the up-front energy has to be spent on your information , not your information technology. Information Governance

Electrification: a lottery ticket that utilities must claim

CGI

Electrification: a lottery ticket that utilities must claim. Utilities face a fundamental dilemma. Due to unprecedented pressure to support the move to an energy-efficient and low-carbon system, they face the paradox of encouraging consumers to consume less of what they sell and distribute—electricity. Is there a lottery ticket for utilities around the corner ? However, this will not happen without a strong commitment and effort from utilities.

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. Government agencies.”

Department of Energy Announces New Efforts in Energy Sector Cybersecurity

Hunton Privacy

On May 14, 2018, the Department of Energy (“DOE”) Office of Electricity Delivery & Energy Reliability released its Multiyear Plan for Energy Sector Cybersecurity (the “Plan”). The Plan is significantly guided by DOE’s 2006 Roadmap to Secure Control Systems in the Energy Sector and 2011 Roadmap to Achieve Energy Delivery Systems Cybersecurity. Multiyear Plan for Energy Sector Cybersecurity. energy sector. electric utilities participate in CRISP.

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Security Affairs

Nigerian cyber gang SilverTerrier, specialized in BEC attacks, used COVID-19 lures in recent attacks on healthcare and government organizations. Researchers at Palo Alto Networks observed a Nigerian cyber gang, tracked as SilverTerrier and specialized in BEC attacks, using COVID-19 lures in a recent wave of attacks on healthcare and government organizations.

Securing the electricity network: Understanding the unique ICS environment of a utility

CGI

Securing the electricity network: Understanding the unique ICS environment of a utility. As utilities and energy delivery systems begin to seek the benefits that the convergence of information technology (IT) and operational technology (OT) offers, they also face the challenge of increased vulnerability to cyberattacks. Digitalization is altering the way information is collected, used and processed in the energy system.

Utilities Digital Journey Insights (Part 3): Data, the new “digital capital” - Going beyond the hype of advanced analytics and AI

CGI

Utilities Digital Journey Insights (Part 3): Data, the new “digital capital” - Going beyond the hype of advanced analytics and AI. This series of blog posts builds on the 2018 CGI Client Global Insights, providing insights into how utilities are making progress toward digital transformation. The findings and perspectives are based on 1,400 in-person interviews with business and IT executives, of which 127 are from the utilities industry. So where do utilities stand?

Thinking Out Loud: Potential Information

John Battelle's Searchblog

image ) If you took first-year physics in school, you’re familiar with the concepts of potential and kinetic energy. If you skipped Physics, here’s a brief review: Kinetic energy is energy possessed by bodies into motion. Potential energy is energy stored inside a body that has the potential to create motion. I like to think of potential energy as a force that’s waiting to become kinetic.

Why Russian APT Fancy Bear hacked the Ukrainian energy firm Burisma?

Security Affairs

Russia-linked cyber-espionage group hacked the Ukrainian energy company Burisma at the center of the impeachment trial of US President Donald Trump. “This report details an ongoing Russian government phishing campaign targeting the email credentials of employees at Burisma Holdings and its subsidiaries and partners. “Phishing for credentials allows cyber actors to gain control of an organization’s internal systems by utilizing trusted access methods (e.g.:

Recent Federal Government Activity on Cybersecurity

Hunton Privacy

This client alert focuses on some of those efforts, including the Federal Energy Regulatory Commission’s (“FERC’s”) creation of a new cybersecurity office, North American Electric Reliability Corporation (“NERC”) action on cybersecurity Critical Infrastructure Protection (“CIP”) standards, continuing legislative developments concerning cybersecurity and anticipated White House executive orders on cybersecurity.

DHS and FBI – Hackers Are Targeting US Nuclear, Energy, and Manufacturing Facilities

Privacy and Cybersecurity Law

According to a new joint report issued by the US Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), hackers have been penetrating the computer networks of companies that operate nuclear power stations, energy facilities, and manufacturing plants in the US since May 2017. If you or your enterprise is engaged in the energy or manufacturing sectors, cyber threat preparation and monitoring is your first line of defense against bad actors.

Protecting America’s Critical Infrastructure

Thales eSecurity

From taking a shower, to brewing your coffee, and watching the news, your morning routine is fueled by the energy sector. But the energy sector also underpins our emergency and response systems, our hospitals and healthcare, our schools, our businesses, and virtually everything we do as a society. Unfortunately, the energy sector is of great interest to cyber attackers today. It’s even possible that the attackers didn’t even know they were targeting a power utility.

Hackers Target Oil Producers During COVID-19 Slump

Security Affairs

Real-Life Examples of Spear-Phishing Attacks in the Energy Production Sector. The threat of spear-phishing for energy companies is, unfortunately, not a theoretical one. The research team found evidence of a campaign occurring March 31, whereby hackers impersonated a well-known engineering company with experience in on- and off-shore energy projects. Why are cyberattacks in the energy industry suddenly on the rise? The Energy Industry Must Remain Vigilant.

Sustainability: The COVID Window of Opportunity

InfoGoTo

The world will consume 6% less energy this year – equivalent to losing the entire demand of India. This pushes up the data processing and transmission overhead of course, but a video conference uses only a few percent of the energy of a face-to-face meeting. We need a systemic change in how energy is generated and transmitted; technological solutions that allow the economy to operate at something close to 100% with 5%-8% annual reductions going forward.

Business ID Theft Soars Amid COVID Closures

Krebs on Security

To prove ownership over the hijacked firms, they hire low-wage image editors online to help fabricate and/or modify a number of official documents tied to the business — including tax records and utility bills.

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

Buried in the Shamoon code was an image of a burning American flag, intended as an admonishment to the Saudi government for supporting American foreign policy in the Middle East. And hackers linked to the Russian government were reportedly behind the Triton hack of 2017 , as well, as disclosed by security vendor FireEye. Less than 48 hours after the killing of Iran’s General Qasem Soleimani, the U.S.

Leveraging Data From Smart Devices in Hospitals: A Talk With Innovation Executive and Ph.D., Sam Hanna

InfoGoTo

associate dean at American University and executive adviser at Alphabet and Amazon, to talk about his thoughts on leveraging data from smart devices and sensors, as well as the part storage and data governance will play in healthcare’s data-driven future. Still, as difficult as it’s been for providers, I believe that COVID-19 has birthed a new energy. For example, in oncology, virtual visits are currently utilized for cancer patients.

The Growing Presence (and Security Risks) of IoT

Thales eSecurity

That pace is unlikely to slow down over the coming years; Pagely noted that organizations are still turning to IoT devices as a way to automate and optimize their business processes as well as save on energy costs. Concurrently, IoT-powered products could malfunction in a way that threaten customers with injuries, economic losses, and environmental damage, as could be the case with IIoT in the energy sector with oil, gas, and utility entities.

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Security Affairs

K-Electric (KE) (formerly known as Karachi Electric Supply Company / Karachi Electric Supply Corporation Limited) is a Pakistani investor-owned utility managing all three key stages – generation, transmission and distribution – of producing and delivering energy to consumers.

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

The Last Watchdog

billion IoT devices in use as of 2017, half are consumer gadgets, like smart TVs, speakers, watches, baby cams and home thermostats; much of the rest is made up of things like smart electric meters and security cameras in corporate and government use. This will be led by the manufacturing, consumer, transportation and utilities sectors. Industry standards-setting bodies and government regulators recognize what’s at stake.

IoT 149

Congratulations to Sidley’s Newest Partners!

Data Matters

Kate brings to her practice substantial experience working with a broad range of government agencies and federal programs across the national security, healthcare, and energy and environmental fields. Congratulations to our 30 colleagues, including Kate Heinzelman and Tomoki Ishiara , for their election to the Sidley Austin partnership , effective January 1, 2020.

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

In fact, memory attacks have quietly emerged as a powerful and versatile new class of hacking technique that threat actors in the vanguard are utilizing to subvert conventional IT security systems. Allegedly developed by US and Israeli operatives, Stuxnet was discovered circulating through Iranian nuclear energy facilities in 2010. Today, if you examine any high-profile data breach, you’re likely to find memory-hacking techniques utilized at multiple key stages of the attack.

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

South African utility provider Eskom is still feeling effects of a cyber security incident (unknown). Australia’s Alinta Energy accused of putting customers’ sensitive information at risk (unknown). Dutch government loses two external hard drive containing personal data (6.9 Toronto government leaks personal data of elderly and vulnerable (7,227).

State Attackers Moving from Stealing Data to Social Meddling

Ascent Innovations

The utilities and energy industries experienced high indicators of attack activity, suggests that attackers have access to critical infrastructure and are waiting to exploit this access. State actors tend to zero in on government agencies or utilities and energy targets. State Attackers Moving from Stealing Data to Social Meddling.

Iran-linked APT33 updates infrastructure following its public disclosure

Security Affairs

The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. The experts at Recorded Future speculate that one APT33 actor, the Nasr Institute, is part of a tiered structure of the Iranian government cyber operations apparatus that also includes APT35 and MUDDYWATER.

Leak of Grid Vulnerabilities Creates National Security Risks

Hunton Privacy

The recent leak of an internal memo to the former Chair of the Federal Energy Regulatory Commission, which was widely reported by national news media, has created a national security setback for the United States. In an article published in Intelligent Utility Update , Hunton & Williams partner Paul M. Tiao discusses the effects of the leak on national security and on the relationship between the energy industry and the government.

Centralized vs. blockchain: A head-to-head comparison of storage requirements

CGI

In an earlier blog post, we addressed blockchain energy dependency. To explore this further, let’s zoom in on a real-life use case to compare a centrally governed system and a future blockchain-based system. Three producers of residual heat deliver to an energy wholesaler. The wholesaler is the network owner and, as such, the administrator tasked with ensuring that the producers are paid according to how much energy is delivered. Centralized data governance.

DOE and DHS Assess U.S. Readiness to Manage Potential Cyber Attacks

Hunton Privacy

On May 30, 2018, the federal government released a report that identifies gaps in assets and capabilities required to manage the consequences of a cyber attack on the U.S. Department of Energy (“DOE”) and the U.S. electrical utilities has been observed, the assessment references a December 2015 cyber attack on three Ukrainian electricity distribution companies.