NewEnergyNews: ORIGINAL REPORTING: Designing A Cybersecure Power System


Gleanings from the web and the world, condensed for convenience, illustrated for enlightenment, arranged for impact...

The challenge now: To make every day Earth Day.


  • Weekend Video: Energy Sec. Granholm On The Big Apple’s Big Greening
  • Weekend Video: Data From The Global EV Boom
  • Weekend Video: Ghost Forests May Haunt Climate Deniers

  • FRIDAY WORLD HEADLINE-New Energy Took The World In 2022
  • FRIDAY WORLD HEADLINE-Law And The Global Climate Crisis

  • Weekend Video: Tipping Points Loom As Solutions Emerge
  • Weekend Video: The Answer Is In The Energy Sector
  • Weekend Video: Heat And The Global Climate Crisis


  • TTTA Wednesday-ORIGINAL REPORTING: Better Planning For A Better Power System
  • TTTA Wednesday-Major Western Transmission Project Finally Gets Green Light

  • Monday Study – Transmission Queue Clog Getting Worse
  • --------------------------


    Founding Editor Herman K. Trabish



    Some details about NewEnergyNews and the man behind the curtain: Herman K. Trabish, Agua Dulce, CA., Doctor with my hands, Writer with my head, Student of New Energy and Human Experience with my heart




      A tip of the NewEnergyNews cap to Phillip Garcia for crucial assistance in the design implementation of this site. Thanks, Phillip.


    Pay a visit to the HARRY BOYKOFF page at Basketball Reference, sponsored by NewEnergyNews and Oil In Their Blood.

  • ---------------
  • WEEKEND VIDEOS, May 27-28
  • The Climate Crisis Spikes Home Insurance Price
  • How To Beat The Crisis
  • New Support For Hydropower

    Wednesday, April 12, 2023

    ORIGINAL REPORTING: Designing A Cybersecure Power System

    New power system cybersecurity architectures can be ‘vaults’ against insider attacks, analysts say; Layered, automated, deep defenses for growing distribution system vulnerabilities will be tested by an NREL-private partnership.

    Herman K. Trabish, February 17, 2023 (Utility Dive)

    Editor’s note: Threats and protections continue to grapple over the fate of the power system.

    New utility cybersecurity strategies are needed to counter sophisticated intrusions now threatening the operations of an increasingly distributed power system’s widening attack surface, security analysts agree.

    There are cyber vulnerabilities in “every piece of hardware and software” being added to the power system, the September 2022 Cybersecurity and Infrastructure Security Agency, or CISA, Strategic Plan 2023-25 for U.S. cybersecurity reported. Yet 2022 saw U.S. utilities propose $29.22 billion for hardware and software-dependent modernizations, the North Carolina Clean Energy Technology Center reported Feb. 1.

    New hardware and software can allow malicious actors to have insider access through utilities’ firewalled internet technology to vital operations technology, cyber analysts said. “No amount of traditional security will block the insider threat to critical infrastructure,” said Erfan Ibrahim, CEO and founder of independent cybersecurity consultant The Bit Bazaar. “The mindset of trusted versus untrusted users must be replaced with a new zero trust paradigm with multiple levels of authentication and monitoring,” he added.

    Growing “distribution system entry points” make “keeping hackers away from operations infrastructure almost unworkable,” agreed CEO Duncan Greatwood of cybersecurity provider Xage. But distributed resources can provide “resilience” if a distributed cybersecurity architecture “mirrors” the structure of the distribution system where they are growing to “contain and isolate intrusions before they spread to operations,” he said.

    New multi-level cybersecurity designs can provide both rapid automated distributed protections for distributed resources and layers of protections for core assets, cybersecurity providers said. But the new strategies remain at the concept stage and many utilities remain unwilling to take on the costs and complexities of cybersecurity modernization, analysts said.

    Critical infrastructure is already vulnerable to insider attacks. After the 2021 Colonial Pipeline shutdown, a 2019-2020 attack known as SUNBURST and directed against U.S. online corporate and government networks, and Russia’s 2015 shutdown of Ukraine’s power system, 14 of the 16 2021 ransomware attacks on U.S. “critical infrastructure” sectors, including the energy sector, the FBI reported. And new vulnerabilities allowed attacks that also caused data losses, disrupted network traffic, and even denial-of-service shutdowns, according to technological and research firm Gartnerclick here for more


    Post a Comment

    << Home