Articles

US bulk energy providers must now report attempted breaches

US bulk energy providers must now report attempted breaches as well as successful breaches. Guidance is murky over what constitutes an “attempted” breach.

One of the most pernicious aspects of the far-reaching and potentially devastating SolarWinds supply chain hack is that it successfully evaded detection for at least ten months by hiding inside seemingly normal software operations. The hack of SolarWinds’ Orion product enabled Russian actors to embed surveillance malware into widely used management software. It pushed the so-called SUNBURST malware deep into public and private networks using the invisibility cloak of ordinary activity, causing no harm or disruption as it silently operated.

The SolarWinds hack is largely considered a turbo-charged nation-state espionage campaign. Most experts, however, won’t rule out the possibility that the Russian intelligence team behind the breach was also paving the way for attacks that could damage operations. One of the biggest concerns about the hack’s impact is how it affected the nation’s power grid.

New regulations aimed at spotting attempted compromises in the power grid that don’t cause damage, like SolarWinds, went into effect on January 1, 2021. It’s not at all clear that the new requirements will help the energy industry spot these kinds of attacks.

This article appeared in CSO Online. To read the rest of the article please visit here.



FEATURE – The Mysterious Case of the Missing 250-Ton…

In May, the Trump administration seized a $3 million transformer on its way to Colorado. What happened to it, and where is it now?

In May, the Trump administration seized a 250-ton, $3 million Chinese high-voltage transformer that was on its way to Colorado. It was taken to Sandia National Labs in New Mexico for reasons unknown. What happened to it still remains a mystery.

On May 1, the Trump Administration issued a surprise Executive Order (EO), “Securing the United States Bulk Power System.” The directive aims to keep critical equipment supplied by foreign adversaries out of the nation’s power grid due to supposed supply chain security threats. It requires the Secretary of Energy to work with other agencies in identifying the specific equipment from adversarial suppliers, particularly Chinese suppliers, that the government should bar from the bulk-power system.

The Department of Energy (DOE) has to issue relevant rules on the matter within 150 days, or by September 28. Shortly after the EO’s release came the surprising revelation that a federally owned utility managed by DOE, the Western Area Power Administration (WAPA), hijacked a nearly $3 million Chinese-manufactured transformer initially intended for one of its substations in Colorado. WAPA instead diverted it to one of DOE’s national laboratories, Sandia National Labs, in New Mexico.

The manufacturer of the high-voltage 500,000-pound transformer was Chinese company JiangSu HuaPeng Transformer Co., Ltd., or JSHP, which shipped the transformer from Shanghai to the Port of Houston in August 2019. JSHP’s North American representative Jim Cai told Motherboard his company planned to spend a couple of hundred thousand dollars to transport the high-grade steel using a particular kind of railroad car to WAPA’s Ault substation in Colorado, where JSHP would then install it. Like all electric substations, the Ault facility’s main purpose is to “step down” high-voltage electricity, typically above 1,000 volts, to lower, more manageable levels that can be distributed safely to homes and businesses.

Before the ship docked in Texas, WAPA told JSHP to cancel its plans to transport and install the transformer and to forget about selling a warranty on the equipment, which is almost always mandatory for highly specialized, expensive electrical system equipment. The utility then transported the transformer itself to Sandia. Since then, WAPA and DOE have been silent on this odd development, which has sparked confusion and concerns among utilities and industrial control system (ICS) security specialists.

This article appeared in Vice News. To read the rest of the article please visit here.

Photo by ETA+ on Unsplash