• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Orange reports major cyberattack, warns of service disruptions

 | 

Hackers leak images and comments from women dating safety app Tea

 | 

Pro-Ukraine hacktivists claim cyberattack on Russian Airline Aeroflot that caused the cancellation of +100 flights

 | 

Seychelles Commercial Bank Reported Cybersecurity Incident

 | 

Microsoft uncovers macOS flaw allowing bypass TCC protections and exposing sensitive data

 | 

U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog

 | 

Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover

 | 

Scattered Spider targets VMware ESXi in using social engineering

 | 

China-linked group Fire Ant exploits VMware and F5 flaws since early 2025

 | 

Allianz Life data breach exposed the data of most of its 1.4M customers

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 55

 | 

Security Affairs newsletter Round 534 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Law enforcement operations seized BlackSuit ransomware gang’s darknet sites

 | 

Arizona woman sentenced for aiding North Korea in U.S. IT job fraud scheme

 | 

Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

 | 

Unpatched flaw in EoL LG LNV5110R cameras lets hackers gain Admin access

 | 

Koske, a new AI-Generated Linux malware appears in the threat landscape

 | 

Mitel patches critical MiVoice MX-ONE Auth bypass flaw

 | 

Coyote malware is first-ever malware abusing Windows UI Automation

 | 

SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Security
  • The US DoE has awarded $34 million projects to secure the power grid

The US DoE has awarded $34 million projects to secure the power grid

Pierluigi Paganini August 22, 2016

The US Department of Energy (DOE) has awarded $34 million in funding to projects aimed at the protection of power grid from cyber attacks.

A cyber attack against a critical infrastructure is an event that government doesn’t exclude, for this reason, one of the pillars of their cyber strategy is the adoption of countermeasures to improve their resilience to cyber offensives.

The US Department of Energy (DOE) has awarded $34 million in funding to projects aimed at the protection of critical infrastructures, more in detail in securing the smart grid.

The US DoE under the Office of Electricity Delivery and Energy Reliability’s Cybersecurity of Energy Delivery Systems (CEDS) program has approved 12 projects with the intent to develop new solutions to protect critical infrastructure in the energy industry.

The energy industry is one of the sectors with the highest number of cyber attacks.

US oil and gas companies are under attack, over 80% of them have reported a significant increase in the number of cyber attacks in 2015. According to a study conducted by Tripwire, over the past year successful cyber attacks have increased as never before.

Tripwire interviewed 150 IT professionals in the energy industry working in oil, gas and electricity companies with the intent to evaluate the principal cyber threats and their impact on the sector.

82% of professionals declared that have seen an increase in the number of successful attacks, but most worrying data is that 53% claimed the frequency of attacks had risen between 50-100% over the last 30 days.

In March 2015, a report issued by the DHS ICS-CERT revealed that most critical infrastructure attacks involve APTs, but organizations lack monitoring capabilities.

energy industry power grid Tripwire report

The DOE confirmed that the projects will aim to enhance the “reliability and resilience” of US smart grids through “innovative, scalable, and cost-effective research.”

An attack against a power grid could have unpredictable consequences, a major attack on the power grid would cause chaos in the country by interrupting vital services for the population.

Terrorists have several options to hit a power grid, from a cyber attack on SCADA systems to an EMP attack, said the former Secretary of Defense William Cohen one year ago.

State-sponsored hackers, cyber terrorists are the main threat actors, but as confirmed by a recent research conducted by TrendMicro, also the cybercrime represents a serious menace.

Former senior CIA analyst and EMP Task Force On National Homeland Security Director, Dr. Peter Vincent Pry, told Newsmax TV that a cyber attack against the power grid could cause serious destruction and losses of lives.

Not only US power grid are under attack, In January 2015 the British Parliament revealed that UK Power Grid is under cyber attack from foreign hackers, but the emergency is for critical infrastructure worldwide.

In 2015, the Ukrainian power grid was shut down by a cyber attack, experts speculated the involvement of the infamous Black Energy malware specifically designed to target systems in the energy industry.

When dealing with cyber attacks against critical infrastructure, the most clamorous example is the Stuxnet malware that was used to compromise the Iran nuclear programme at the nuclear plant in Natanz.

Back to the DoE programs, the US Department recognized the following main areas of interest through the security projects:

  • Topic Area 1: “Detect Adversarial Manipulation of Energy Delivery Systems Components” – The focus is the ability to detect and respond to cyberattacks designed to avoid detection by exploiting routine operations normally performed by energy delivery systems.
  • Topic Area 2: “Secure Integration of Renewable Energy and Energy Efficiency Resources” – The focus is on making the integration of renewables onto the power grid at the generation, transmission and/or distribution levels more secure from cyber attacks. This may include the nexus of building control systems or plug-in hybrid vehicles with the power grid.
  • Topic Area 3: “Continual and Autonomous Reduction of Cyber Attack Surface for Energy Delivery Control Systems” – The focus is on reducing exposures of energy delivery systems to cyber attacks, thereby making the systems more secure.
  • Topic Area 4: “Supply Chain Cybersecurity for Energy Delivery Systems” – The focus is on detecting hostile hardware, firmware (combination of hardware and software), and/or software introduced at some point during the manufacture of energy delivery systems.
  • Topic Area 5: “Innovative Technologies That Enhance Cybersecurity in the Energy Sector” – The focus will be on identifying gaps in the Roadmap to Achieve Energy Delivery Systems Cybersecurity and proposing innovative technical solutions to the identified risk. The twelve projects selected for awards are outlined below.

The DOE Award Selections for the Development of Next Generation Cybersecurity Technologies and Tools includes the list of projects funded by the US Government. Below some example of the awarded projects:

General Electrics will “develop and demonstrate an automatic cyberattack anomaly detection and accommodation (ADA) system for power plants that will detect and respond to cyber-disruptions caused by cyber-attacks, and attacks against the cyber-physical interface.”

The Schweitzer Engineering Laboratories “will develop a technology that will detect adversarial manipulation of energy delivery control systems by allowing control system operators to automatically identify undesired behavior, contain the affected network areas, and re-route critical information to keep systems operational.”

Intel “will develop a security architecture solution to securely connect energy infrastructure devices to the cloud to allow the devices to interact with each other. Intel will demonstrate that the cyber-attack surface of energy delivery control systems can be continuously and autonomously reduced in a way that does not impede normal critical energy delivery functions”.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – energy industry, power grid)

[adrotate banner=”13″]


facebook linkedin twitter

APT cyber security energy industry Hacking malware power grid Ukraine

you might also like

Pierluigi Paganini July 29, 2025
Orange reports major cyberattack, warns of service disruptions
Read more
Pierluigi Paganini July 29, 2025
Hackers leak images and comments from women dating safety app Tea
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Orange reports major cyberattack, warns of service disruptions

    Security / July 29, 2025

    Hackers leak images and comments from women dating safety app Tea

    Data Breach / July 29, 2025

    Pro-Ukraine hacktivists claim cyberattack on Russian Airline Aeroflot that caused the cancellation of +100 flights

    Hacktivism / July 29, 2025

    Seychelles Commercial Bank Reported Cybersecurity Incident

    Data Breach / July 29, 2025

    Microsoft uncovers macOS flaw allowing bypass TCC protections and exposing sensitive data

    Hacking / July 29, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT