By Jennifer Runyon, Clarion Events Content Director
According to the North American Electric Reliability Corporation (NERC), about 25% of its 1500 registered entities (the users, owners, and operators of the bulk power system in North America) indicated that they downloaded the affected version of the SolarWinds Orion platform.
The utilities voluntarily reported to NERC that they’d downloaded the malicious software while performing routine updates to their systems. They said this in response to an Alert issued by NERC in December 2020 after the SolarWinds breach was discovered. A spokesperson for NERC explained in an email that NERC typically issues alerts “to assemble knowledge from entities about reliability or safety points.” NERC then analyzes the data it receives and sends its findings back to the entities to “increase consciousness and assist them develop mitigation methods,” the spokesperson said.
“Helping our members to efficiently put together for and rebuff cyber and bodily assaults is essentially based mostly on the perception gained by this voluntary info sharing from asset proprietor operators and companions,” the spokesperson added.
The SolarWinds Orion platform is used by large entities including the U.S. government. Scott Sternfield, Chief Technology Officer with Agile Inclusion and Chair of the Cybersecuring the Grid Educational Track at DISTRIBUTECH International, said he wasn’t surprised to learn that roughly 345 U.S. utilities are now at risk.
“SolarWinds is a very fashionable product for managing massive IT networks (which utilities are),” he said in an emailed statement, adding, “The newest variations of the software program have been affected till the invention date, so utilities who have been following trade finest practices of protecting their software program updated nonetheless ended up impacted.”
Could the Grid Go Down?
In December 2015, three Ukraine distribution utilities were cyber-attacked, resulting in a large power outage. This was the first known cyberattack on a power grid and set a scary precedent for utilities worldwide.
Cybersecurity experts Lila Kee, General Manager of GlobalSign North and South America, and Richard Brooks, Co-Founder of Reliable Energy Analytics, both said in an interview that the threat of a catastrophic event in the US is very real now that the malicious actors have already breached utility networks.
“I might say this can be a vulnerability that results in a giant publicity to the grid, particularly when it comes to ransomware,” said Kee.
Malicious actors could be anywhere, said Brooks: “they are often sitting dormant simply ready for a message to reach.”
The two agree that stopping an intrusion before it occurs is key, and they recently authored an article for POWERGRID on the importance of understanding your software bill of materials (SBOM).
“Once they’re strolling round within the community, it’s too late,” said Kee. Brooks added that a software attack this sophisticated is exceedingly difficult to eradicate, so having a business continuity plan is essential.
“It’s a very arduous drawback to resolve,” said Brooks.
How Can Utilities Safeguard their Networks?
As part of the American Rescue Plan Act of 2021, the Biden Administration allocated $1.65 billion to agencies across the government to boost cybersecurity efforts. The agencies include the Cybersecurity and Infrastructure Security Agency (CISA), which is heading up the response to the SolarWinds Corp breach, and the Technology Modernization Fund, which is focused on IT and government agencies and also includes cybersecurity.