January Dinner Meeting: Cyber Security

January 26, 2021
5:00 PM - 6:00 PM

Teleconference
Refer to link below to register

Webinar Registration Link

1 PDH Credit

 

Course Description:

Cybersecurity on the electric grid is a moving target, and developing a moving target defense is not easy. The question of whether the US electric grid will be affected in some form by an outrageous cyber-attack is not IF but WHEN. Two years ago, the US government accused Russia of remotely targeting the US power grid (https://www.cnn.com/2018/03/15/politics/dhs-fbi-russia-power-grid/index.html) by using a multi-stage effort to target specific government entities and critical infrastructure. Similarly, the National Cyber Awareness System, which is a joint effort between DHS and FBI, reported that a multi-stage intrusion campaign by Russian government cyber actors targeted small commercial facilities’ networks, where they staged malware, conducted spear phishing, and gained remote access into energy sector networks. After obtaining access, the cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS) (https://www.us-cert.gov/ncas/alerts/TA18-074A).

 

Between 2013 and 2019, more than 14 billion data records were lost or stolen across the globe, averaging nearly 5 million data records lost per day for more than 6 years. Some of the examples relate directly to SCADA systems, such as the Ukraine power plant attack in 2015, in which hackers used BlackEnergy malware to gain control of the plant's SCADA systems and remotely switched off 30 substations, depriving almost 230,000 users of electricity for almost 6 hours. Similarly, in the Dragonfly 2.0 campaign in 2015 and 2017, hackers used spear phishing, Trojan-ware and watering hole attacks to target the western energy sector of the USA.

Existing cybersecurity frameworks address cybersecurity issues that relate to the distribution grid as a whole, but there are not sufficient guidelines and procedures to help vendors, utilities, aggregators, government institutions, and other industry partners adopt and implement the procedures needed to secure the data and communications of DERs that are connected to the distribution grid. So far, both public and private companies around the world have been funding research that is very low on the kind of action items that are absolutely required right now to secure the grid. There has to be a change in paradigm if we want to stay ahead of upcoming potential threats. The change is to develop the habit of funding Need Based Research, to support the development of stringent cybersecurity policies that could be applicable to a large number of systems, and to develop a consensus-based test plan for those cybersecure functionalities that could be integrated within DER devices and standardized later. In an effort to ensure that we stay focused and ahead of upcoming cyber threats, IEEE 1547.3, SunSpec and the national labs have joined together and decided to set an aggressive deadline for a few of the standards and policies that we are currently working on.

 

Speaker Bio:

Will Hupp is a Cybersecurity Systems Researcher in the Energy Security and Resilience Center at the National Renewable Energy Laboratory (NREL). His research focuses on distributed energy resource (DER) cybersecurity and grid vulnerability mitigation technologies. Mr. Hupp is working with standards development organizations and industry to inform and develop standards for DER cybersecurity at the device, network, and system level. Additionally, he is a developer for a security module called ModuleOT, which protects the data and communications of resources on the distribution grid. He holds a B.S. in Computer Science and an M.S. in Cyber Security from Florida State University.