DoS attack the caused disruption at US power utility exploited a known flaw

Security Affairs

A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. In May, the Department of Energy confirmed that on March 5, 2019, between 9 a.m. SecurityAffairs – power utility, hacking).

US Utilities Targeted with LookBack RAT in a new phishing campaign

Security Affairs

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. targeting three US companies in the utility sector.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybersecurity in utilities: Critical questions for securing distributed energy resources (DERs)

CGI

Cybersecurity in utilities: Critical questions for securing distributed energy resources (DERs). The energy transition is driving a shift toward the increasing use of distributed energy resources (DERs). Security is no longer just an IT responsibility.

Dept. of Energy announced the Liberty Eclipse exercise to test electrical grid against cyber attacks

Security Affairs

This is the first time the Department of Energy will test the electrical grid’s ability to recover from a blackout caused by cyberattacks. “Utilities can’t just flip a few switches to bring the lights on following a major shutdown.

European cooperation on flexibility to accelerate the energy transition

CGI

European cooperation on flexibility to accelerate the energy transition. Early in September, we invited a number of our clients from around Europe to participate in a roundtable discussion on energy flexibility. Read more about energy flexibility.

Why Russian APT Fancy Bear hacked the Ukrainian energy firm Burisma?

Security Affairs

Russia-linked cyber-espionage group hacked the Ukrainian energy company Burisma at the center of the impeachment trial of US President Donald Trump. The attack was detailed by California-based cybersecurity firm Area 1 Security in a report. appeared first on Security Affairs.

Department of Energy Announces New Efforts in Energy Sector Cybersecurity

Hunton Privacy

On May 14, 2018, the Department of Energy (“DOE”) Office of Electricity Delivery & Energy Reliability released its Multiyear Plan for Energy Sector Cybersecurity (the “Plan”). The Plan is significantly guided by DOE’s 2006 Roadmap to Secure Control Systems in the Energy Sector and 2011 Roadmap to Achieve Energy Delivery Systems Cybersecurity. Multiyear Plan for Energy Sector Cybersecurity. energy sector.

Embracing digital technologies to build a low-carbon society: Are local energy communities the answer?

CGI

Embracing digital technologies to build a low-carbon society: Are local energy communities the answer? Are local energy communities the answer? The current energy system is demand led and is a centralized top-down system—essentially one-way traffic from production to consumption.

Darwin’s advice to the energy sector: get agile!

CGI

Darwin’s advice to the energy sector: get agile! What does Charles Darwin have to do with digital transformation in the energy sector? Biggest challenges for the energy sector. This scenario will be enabled through so-called microgrids and energy islands. .

Delivering on the benefits of data: How utilities can get the first-mover advantage

CGI

Delivering on the benefits of data: How utilities can get the first-mover advantage. With the energy transition underway, there is a similar bold “rethink” taking place in the way energy companies view solutions, particularly around managing data.

'Cyber blindspot' threatens energy companies spending too little

Information Management Resources

Amid rising threats, utilities are now spending less than 0.2 Cyber security Data security Cyber attackspercent of their revenue on cybersecurity, at least a third less than financial institutions.

Not all blockchains are created equal when it comes to energy consumption

CGI

Not all blockchains are created equal when it comes to energy consumption. As we talk with clients about blockchain implementations at scale, a question we often get is, “What about the high-energy consumption?” How that trust is built affects the amount of energy required.

FERC issues notice of proposed rulemaking to extend reporting requirements for cyberattacks targeting the energy sector

Data Protection Report

Department of Homeland Security (DHS) held public briefings about an attempt by a state-sponsored Russian hacking group to target control systems for U.S. DHS’ webinar explained that the hackers obtained access to vendors providing computer services to electric utilities companies. This initial access enabled the hackers to gain entry to power company control systems through a complex series of security compromises lasting quite some time. On July 23 and 25, 2018, the U.S.

Breach Reveal: PG&E Exposed 30,000 Sensitive Records

Data Breach Today

Previously Unnamed Utility Reached Record $2.7 energy company that agreed to a record $2.7 Million Settlement Agreement A previously unnamed U.S.

European Utility Week 2018: Top 5 takeaways and the call to ‘journey together’

CGI

European Utility Week 2018: Top 5 takeaways and the call to ‘journey together’. This ancient African proverb sums up, quite accurately, the sentiment at the recently concluded European Utility Week (EUW) 2018. Ensuring system stability and grid security.

Scanning for Flaws, Scoring for Security

Krebs on Security

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices?

The Growing Presence (and Security Risks) of IoT

Thales eSecurity

That pace is unlikely to slow down over the coming years; Pagely noted that organizations are still turning to IoT devices as a way to automate and optimize their business processes as well as save on energy costs. Meet security compliance regulations. Data security

IoT 127

Electrification: a lottery ticket that utilities must claim

CGI

Electrification: a lottery ticket that utilities must claim. Utilities face a fundamental dilemma. Due to unprecedented pressure to support the move to an energy-efficient and low-carbon system, they face the paradox of encouraging consumers to consume less of what they sell and distribute—electricity. Is there a lottery ticket for utilities around the corner ? However, this will not happen without a strong commitment and effort from utilities.

Securing the electricity network: Understanding the unique ICS environment of a utility

CGI

Securing the electricity network: Understanding the unique ICS environment of a utility. As utilities and energy delivery systems begin to seek the benefits that the convergence of information technology (IT) and operational technology (OT) offers, they also face the challenge of increased vulnerability to cyberattacks. Potential impact of security breaches. More points to secure. Securing the future.

Utilities Digital Journey Insights (Part 3): Data, the new “digital capital” - Going beyond the hype of advanced analytics and AI

CGI

Utilities Digital Journey Insights (Part 3): Data, the new “digital capital” - Going beyond the hype of advanced analytics and AI. This series of blog posts builds on the 2018 CGI Client Global Insights, providing insights into how utilities are making progress toward digital transformation.

Tiao Discusses Utilities’ Concerns in Sharing Information with the Government

Hunton Privacy

Tiao was featured on Platts Energy Week discussing the importance of the homeland security partnership between electric utility companies and the U.S. Utilities Wary of Sharing Grid Risks,” Tiao talked about the recent leak to The Wall Street Journal of a sensitive internal memo at the Federal Energy Regulatory Commission that revealed potential vulnerabilities in the electricity grid. View the Platts Energy Week feature with Paul Tiao.

DHS and FBI – Hackers Are Targeting US Nuclear, Energy, and Manufacturing Facilities

Privacy and Cybersecurity Law

According to a new joint report issued by the US Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), hackers have been penetrating the computer networks of companies that operate nuclear power stations, energy facilities, and manufacturing plants in the US since May 2017. If you or your enterprise is engaged in the energy or manufacturing sectors, cyber threat preparation and monitoring is your first line of defense against bad actors.

Kali Project Encryption and Isolation Using Vagrant and BitLocker

Perficient Data & Analytics

Once the disk is mounted, the script invokes the BitLocker utility to encrypt the drive. Once we’ve found the correct storage image, then it can be encrypted using the Virtualbox management utility.

What the Blockchain Taught Us about IT Security

Security Affairs

It is not just about security, but in utilizing Blockchain to secure your company and your information. But it is not just about security, but in utilizing Blockchains to secure your company and your information. Energy Efficiency.

A ‘Cyber Event’ disrupted power grid operations in three US states

Security Affairs

The Department of Energy confirmed that in March a cyber event disrupted power grid operations in California, Wyoming, and Utah. The Department of Energy confirmed that on March 2019, between 9 a.m. a cyber event disrupted energy grid operations in California, Wyoming, and Utah. The report doesn’t include the name of the utility company that suffered the incident. utilities are required to notify DOE within one hour of a cyber attack against their systems.

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

The Last Watchdog

And yet we are overlooking profound privacy and security ramifications. billion IoT devices in use as of 2017, half are consumer gadgets, like smart TVs, speakers, watches, baby cams and home thermostats; much of the rest is made up of things like smart electric meters and security cameras in corporate and government use. This will be led by the manufacturing, consumer, transportation and utilities sectors. Security-by-design lacking.

IoT 152

Johannesburg residents left in the dark after a ransomware attack at City Power

Security Affairs

South African electric utility City Power that provides energy to the city of Johannesburg, has suffered serious disruptions after a ransomware attack. The post Johannesburg residents left in the dark after a ransomware attack at City Power appeared first on Security Affairs.

Protecting America’s Critical Infrastructure

Thales eSecurity

From taking a shower, to brewing your coffee, and watching the news, your morning routine is fueled by the energy sector. Unfortunately, the energy sector is of great interest to cyber attackers today. Best Practices to Secure Critical Infrastructure. Data security

Episode 162: Have We missed Electric Grid Cyber Attacks for Years? Also: Breaking Bad Security Habits

The Security Ledger

» Related Stories Spotlight Podcast: Security Automation is (and isn’t) the Future of Infosec Episode 159: Deep Fakes and Election (in)Security with ZeroFOX Spotlight Podcast: Rethinking Your Third Party Cyber Risk Strategy.

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

Krebs on Security

Hy-Vee said it believes the breach does not affect payment card terminals used at its grocery store checkout lanes, pharmacies or convenience stores, as these systems rely on a security technology designed to defeat card-skimming malware.

Sales 285

DHS CISA warns of Critical issues in Medtronic Medical equipment

Security Affairs

Department of Homeland Security (DHS) warns of critical flaws impacting Medtronic Valleylab products that could allow hackers to overwrite files and achieve remote code execution. and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0

A ‘Cyber Event’ disrupted power grid operations in three US states

Security Affairs

The Department of Energy confirmed that in March a cyber event disrupted power grid operations in California, Wyoming, and Utah. The Department of Energy confirmed that on March 2019, between 9 a.m. a cyber event disrupted energy grid operations in California, Wyoming, and Utah. The report doesn’t include the name of the utility company that suffered the incident. utilities are required to notify DOE within one hour of a cyber attack against their systems.

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

Department of Homeland Security issued a bulletin calling out Iran’s “robust cyber program,” and cautioning everyone to be prepared for Iran to “conduct operations in the United States.” Before that, Middle East computer security was almost non-existent.

Leak of Grid Vulnerabilities Creates National Security Risks

Hunton Privacy

The recent leak of an internal memo to the former Chair of the Federal Energy Regulatory Commission, which was widely reported by national news media, has created a national security setback for the United States. In an article published in Intelligent Utility Update , Hunton & Williams partner Paul M. Tiao discusses the effects of the leak on national security and on the relationship between the energy industry and the government.

Iran-linked APT33 updates infrastructure following its public disclosure

Security Affairs

The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. The post Iran-linked APT33 updates infrastructure following its public disclosure appeared first on Security Affairs.

NYT Report: U.S. Cyber units planted destructive Malware in Russian Power Grid

Security Affairs

” In July 2018, the US Department of Homeland Security declared that Russia’s APT groups have already penetrated America’s critical infrastructure, especially power utilities, and continue to target them.

Heading toward a data bright future: key takeaways from the 8th CGI Central Market Debate

CGI

Are there learnings for the utilities industry from an augmented reality game’s incredible 19-day time-to-market, or the possibility that flying taxis could become cheaper than owning a car? For many liberalized energy markets, identifying data ownership is a challenge.