Pierluigi Paganini August 22, 2016

The US Department of Energy (DOE) has awarded $34 million in funding to projects aimed at the protection of power grid from cyber attacks.

A cyber attack against a critical infrastructure is an event that government doesn’t exclude, for this reason, one of the pillars of their cyber strategy is the adoption of countermeasures to improve their resilience to cyber offensives.

The US Department of Energy (DOE) has awarded $34 million in funding to projects aimed at the protection of critical infrastructures, more in detail in securing the smart grid.

The US DoE under the Office of Electricity Delivery and Energy Reliability’s Cybersecurity of Energy Delivery Systems (CEDS) program has approved 12 projects with the intent to develop new solutions to protect critical infrastructure in the energy industry.

The energy industry is one of the sectors with the highest number of cyber attacks.

US oil and gas companies are under attack, over 80% of them have reported a significant increase in the number of cyber attacks in 2015. According to a study conducted by Tripwire, over the past year successful cyber attacks have increased as never before.

Tripwire interviewed 150 IT professionals in the energy industry working in oil, gas and electricity companies with the intent to evaluate the principal cyber threats and their impact on the sector.

82% of professionals declared that have seen an increase in the number of successful attacks, but most worrying data is that 53% claimed the frequency of attacks had risen between 50-100% over the last 30 days.

In March 2015, a report issued by the DHS ICS-CERT revealed that most critical infrastructure attacks involve APTs, but organizations lack monitoring capabilities.

The DOE confirmed that the projects will aim to enhance the “reliability and resilience” of US smart grids through “innovative, scalable, and cost-effective research.”

An attack against a power grid could have unpredictable consequences, a major attack on the power grid would cause chaos in the country by interrupting vital services for the population.

Terrorists have several options to hit a power grid, from a cyber attack on SCADA systems to an EMP attack, said the former Secretary of Defense William Cohen one year ago.

State-sponsored hackers, cyber terrorists are the main threat actors, but as confirmed by a recent research conducted by TrendMicro, also the cybercrime represents a serious menace.

Former senior CIA analyst and EMP Task Force On National Homeland Security Director, Dr. Peter Vincent Pry, told Newsmax TV that a cyber attack against the power grid could cause serious destruction and losses of lives.

Not only US power grid are under attack, In January 2015 the British Parliament revealed that UK Power Grid is under cyber attack from foreign hackers, but the emergency is for critical infrastructure worldwide.

In 2015, the Ukrainian power grid was shut down by a cyber attack, experts speculated the involvement of the infamous Black Energy malware specifically designed to target systems in the energy industry.

When dealing with cyber attacks against critical infrastructure, the most clamorous example is the Stuxnet malware that was used to compromise the Iran nuclear programme at the nuclear plant in Natanz.

Back to the DoE programs, the US Department recognized the following main areas of interest through the security projects:

• Topic Area 1: “Detect Adversarial Manipulation of Energy Delivery Systems Components” – The focus is the ability to detect and respond to cyberattacks designed to avoid detection by exploiting routine operations normally performed by energy delivery systems.
• Topic Area 2: “Secure Integration of Renewable Energy and Energy Efficiency Resources” – The focus is on making the integration of renewables onto the power grid at the generation, transmission and/or distribution levels more secure from cyber attacks. This may include the nexus of building control systems or plug-in hybrid vehicles with the power grid.
• Topic Area 3: “Continual and Autonomous Reduction of Cyber Attack Surface for Energy Delivery Control Systems” – The focus is on reducing exposures of energy delivery systems to cyber attacks, thereby making the systems more secure.
• Topic Area 4: “Supply Chain Cybersecurity for Energy Delivery Systems” – The focus is on detecting hostile hardware, firmware (combination of hardware and software), and/or software introduced at some point during the manufacture of energy delivery systems.
• Topic Area 5: “Innovative Technologies That Enhance Cybersecurity in the Energy Sector” – The focus will be on identifying gaps in the Roadmap to Achieve Energy Delivery Systems Cybersecurity and proposing innovative technical solutions to the identified risk. The twelve projects selected for awards are outlined below.

The DOE Award Selections for the Development of Next Generation Cybersecurity Technologies and Tools includes the list of projects funded by the US Government. Below some example of the awarded projects:

General Electrics will “develop and demonstrate an automatic cyberattack anomaly detection and accommodation (ADA) system for power plants that will detect and respond to cyber-disruptions caused by cyber-attacks, and attacks against the cyber-physical interface.”

The Schweitzer Engineering Laboratories “will develop a technology that will detect adversarial manipulation of energy delivery control systems by allowing control system operators to automatically identify undesired behavior, contain the affected network areas, and re-route critical information to keep systems operational.”

Intel “will develop a security architecture solution to securely connect energy infrastructure devices to the cloud to allow the devices to interact with each other. Intel will demonstrate that the cyber-attack surface of energy delivery control systems can be continuously and autonomously reduced in a way that does not impede normal critical energy delivery functions”.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – energy industry, power grid)

[adrotate banner=”13″]