Thank you for Your Excellent Contributions to 100% Renewable: U.S. warns businesses of hacking campaign against nuclear, energy firms | Reuters

East End Resilience Network

4 cover

cybersecurity, grid reliability, DERs

Dear Colleagues,

Thank you for your excellent contributions to the 100% Renewable Energy Forum and associated side meetings.

I want to bring the article below and the issue of cyberattacks on the Long Island Energy Grid to your attention. From the the Ransomware attacks this past week in Europe and the Ukraine, and the ISIS attack on the Brookhaven Town government website, it is clear that there is a high probability that the central grid on South Fork will be impacted in the short-term to middle-term. As a consequence of this threat and the mounting probability of central grid collapses for other reasons many associated with climate changes (e.g., thermal effects on distribution lines, brownouts and blackouts from peak load problems, and impact from severe storms), The South Fork Grid consortium is moving forward with demonstration projects, test beds, and pilots to enable energy co-ops focused on 100% renewable energy systems with islandable capacities.

Please let us know if you have comments of questions.

Mike

Michael D. McDonald, Dr.P.H.

Coordinator
East End Resilience Network
New York Resilience System Initiative

Member
Long Island REV Grid Consortium

Chairman
Oviar - Energy

Cell: 202-468-7899
Michael.D.McDonald@mac.com <mailto:Michael.D.McDonald@mac.com>

http://newyork.resiliencesystem.org

>
> http://www.reuters.com/article/us-usa-cyber-energy-idUSKBN19L2Z9?il=0 <http://www.reuters.com/article/us-usa-cyber-energy-idUSKBN19L2Z9?il=0>
>
> U.S. warns businesses of hacking campaign against nuclear, energy firms
> Jim Finkle </journalists/jim-finkle>
> | TORONTO
> The U.S government warned industrial firms this week about a hacking campaign targeting the nuclear and energy sectors, the latest event to highlight the power industry's vulnerability to cyber attacks.
>
> Since at least May, hackers used tainted "phishing" emails to "harvest credentials" so they could gain access to networks of their targets, according to a joint report from the U.S. Department of Homeland Security and Federal Bureau of Investigation.
>
> The report provided to the industrial firms was reviewed by Reuters on Friday. While disclosing attacks, and warning that in some cases hackers succeeded in compromising the networks of their targets, it did not identify any specific victims.
>
> "Historically, cyber actors have strategically targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict," the report said.
>
> Homeland Security and FBI officials could not be reached for comment on the report, which was dated June 28.
>
> The report was released during a week of heavy hacking activity.
>
> A virus dubbed "NotPetya" attacked on Tuesday, spreading from initial infections in Ukraine to businesses around the globe. It encrypted data on infected machines, rendering them inoperable and disrupting activity at ports, law firms and factories.
>
> On Tuesday the energy-industry news site E&E News reported that U.S. investigators were looking into cyber intrusions this year at multiple nuclear power generators.
>
> Reuters has not confirmed details of the E&E News report, which said there was no evidence safety systems had been compromised at affected plants.
>
> The activity described in the U.S. government report comes at a time when industrial firms are particularly anxious about threat that hackers pose to their operations.
>
> Industrial firms, including power providers and other utilities, have been particularly worried about the potential for destructive cyber attacks since December 2016, when hackers cut electricity in Ukraine.
>
> U.S. nuclear power generators PSEG (PEG.N </finance/stocks/overview?symbol=PEG.N>), SCANA Corp (SCG.N </finance/stocks/overview?symbol=SCG.N>) and Entergy Corp (ETR.N </finance/stocks/overview?symbol=ETR.N>) said they were not impacted by the recent cyber attacks. SCANA's V.C. Summer nuclear plant in South Carolina shut down on Thursday due to a problem with a valve in the non-nuclear portion of the plant, a spokesman said.
>
> Another nuclear power generator, Dominion Energy (D.N </finance/stocks/overview?symbol=D.N>), said it does not comment on cyber security.
>
> Two cyber security firms said on June 12 that they had identified the malicious software used in the Ukraine attack, which they dubbed Industroyer, warning that it could be easily modified to attack utilities in the United States and Europe.
>
> Industroyer is only the second piece of malware uncovered to date that is capable of disrupting industrial processes without the need for hackers to manually intervene.
>
> The first, Stuxnet, was discovered in 2010 and is widely believed by security researchers to have been used by the United States and Israel to attack Iran's nuclear program.
>
> The U.S. government report said attackers conducted reconnaissance to gain information about the individuals whose computers they sought to infect so that they create "decoy documents" on topics of interest to their targets.
>
> In an analysis, it described 11 files used in the attacks, including malware downloaders and tools that allow the hackers to take remote control of victim's computers and travel across their networks.
>
> Chevron Corp (CVX.N </finance/stocks/overview?symbol=CVX.N>), Exxon Mobil Corp (XOM.N </finance/stocks/overview?symbol=XOM.N>) and ConocoPhillips (COP.N </finance/stocks/overview?symbol=COP.N>), the three largest U.S. oil producers, declined to comment on their network security.
>
> (Reporting by Jim Finkle; Additional reporting by Timothy Gardner in Washington and Ernest Scheyder in Houston; editing by Grant McCool and Tom Brown)
>