Mojave mirrors to provide solar power

Ukraine-ENTSO-E Grid Synchronization links Ukraine and Moldova to the European grid via secure interconnection, matching frequency for stability, resilience, and energy security, enabling cross-border support, islanding recovery, and coordinated load balancing during wartime disruptions.

Key Points

Rapid alignment of Ukraine and Moldova into the European grid to enable secure interconnection and system stability.

✅ Matches 50 Hz frequency across interconnected systems

✅ Enables cross-border support and electricity trading

✅ Improves resilience, stability, and energy security

On February 24 Ukraine’s electric grid operator disconnected the country’s power system from the larger Russian-operated network to which it had always been linked. The long-planned disconnection was meant to be a 72-hour trial proving that Ukraine could operate on its own and to protect electricity supply before winter as contingencies were tested. The test was a requirement for eventually linking with the European grid, which Ukraine had been working toward since 2017. But four hours after the exercise started, Russia invaded.

Ukraine’s connection to Europe—which was not supposed to occur until 2023—became urgent, and engineers aimed to safely achieve it in just a matter of weeks. On March 16 they reached the key milestone of synchronizing the two systems. It was “a year’s work in two weeks,” according to a statement by Kadri Simson, the European Union commissioner for energy. That is unusual in this field. “For [power grid operators] to move this quickly and with such agility is unprecedented,” says Paul Deane, an energy policy researcher at the University College Cork in Ireland. “No power system has ever synchronized this quickly before.”

Ukraine initiated the process of joining Europe’s grid in 2005 and began working toward that goal in earnest in 2017, as did Moldova. It was part of an ongoing effort to align with Europe, as seen in the Baltic states’ disconnection from the Russian grid, and decrease reliance on Russia, which had repeatedly threatened Ukraine’s sovereignty. “Ukraine simply wanted to decouple from Russian dominance in every sense of the word, and the grid is part of that,” says Suriya Jayanti, an Eastern European policy expert and former U.S. diplomat who served as energy chief at the U.S. embassy in Kyiv from 2018 to 2020.

After the late February trial period, Ukrenergo, the Ukrainian grid operator, had intended to temporarily rejoin the system that powers Russia and Belarus. But the Russian invasion made that untenable. “That left Ukraine in isolation mode, which would be incredibly dangerous from a power supply perspective,” Jayanti says. “It means that there’s nowhere for Ukraine to import electricity from. It’s an orphan.” That was a particularly precarious situation given Russian attacks on key energy infrastructure such as the Zaporizhzhia nuclear power plant and ongoing strikes on Ukraine’s power grid that posed continuing risks. (According to Jayanti, Ukraine’s grid was ultimately able to run alone for as long as it did because power demand dropped by about a third as Ukrainians fled the country.)

Three days after the invasion, Ukrenergo sent a letter to the European Network of Transmission System Operators for Electricity (ENTSO-E) requesting authorization to connect to the European grid early. Moldelectrica, the Moldovan operator, made the same request the following day. While European operators wanted to support Ukraine, they had to protect their own grids, amid renewed focus on protecting the U.S. power grid from Russian hacking, so the emergency connection process had to be done carefully. “Utilities and system operators are notoriously risk-averse because the job is to keep the lights on, to keep everyone safe,” says Laura Mehigan, an energy researcher at University College Cork.

An electric grid is a network of power-generating sources and transmission infrastructure that produces electricity and carries it from places such as power plants, wind farms and solar arrays to houses, hospitals and public transit systems. “You can’t just experiment with a power system and hope that it works,” Deane says. Getting power where it is it needed when it is needed is an intricate process, and there is little room for error, as incidents involving Russian hackers targeting U.S. utilities have highlighted for operators worldwide.

Crucial to this mission is grid interconnection. Linked systems can share electricity across vast areas, often using HVDC technology, so that a surplus of energy generated in one location can meet demand in another. “More interconnection means we can move power around more quickly, more efficiently, more cost effectively and take advantage of low-carbon or zero-carbon power sources,” says James Glynn, a senior research scholar at the Center on Global Energy Policy at Columbia University. But connecting these massive networks with many moving parts is no small order.

One of the primary challenges of interconnecting grids is synchronizing them, which is what Ukrenergo, Moldelectrica and ENTSO-E accomplished last week. Synchronization is essential for sharing electricity. The task involves aligning the frequencies of every energy-generation facility in the connecting systems. Frequency is like the heartbeat of the electric grid. Across Europe, energy-generating turbines spin 50 times per second in near-perfect unison, and when disputes disrupt that balance, slow clocks across Europe can result, reminding operators of the stakes. For Ukraine and Moldova to join in, their systems had to be adjusted to match that rhythm. “We can’t stop the power system for an hour and then try to synchronize,” Deane says. “This has to be done while the system is operating.” It is like jumping onto a moving train or a spinning ride at the playground: the train or ride is not stopping, so you had better time the jump perfectly.

Related News

• Electricity Forum News

• Grid Technologies News

Canadian Industrial IoT Cybersecurity Standards aim to unify device security for utilities, smart grids, SCADA, and OT systems, aligning with NERC CIP, enabling certification, trust marks, compliance testing, and safer energy sector deployments.

Key Points

National standards to secure industrial IoT for utilities and grids, enabling certification and NERC CIP alignment.

✅ Aligns with NERC CIP and NIST frameworks for energy sector security

✅ Defines certification, testing tools, and a trusted device repository

✅ Enhances OT, SCADA, and smart grid resilience against cyber threats

The Canadian energy sector has been buying Internet-connected sensors for monitoring a range of activities in generating plants, distribution networks facing harsh weather risks and home smart meters for several years. However, so far industrial IoT device makers have been creating their own security standards for devices, leaving energy producers and utilities at their mercy.

The industry hopes to change that by creating national cybersecurity standards for industrial IoT devices, with the goal of improving its ability to predict, prevent, respond to and recover from cyber threats, such as emerging ransomware attacks across the grid.

To help, the federal government today announced an $818,000 grant support a CIO Strategy Council project oversee the setting of standards.

In an interview council executive director Keith Jansa said the money will help a three-year effort that will include holding a set of cross-country meetings with industry, government, academics and interest groups to create the standards, tools to be able to test devices against the standards and the development of product repository of IoT safe devices companies can consult before making purchases.

“The challenge is there are a number of these devices that will be coming online over the next few years,” Jansa said. “IoT devices are designed for convenience and not for security, so how do you ensure that a technology an electricity utility secures is in fact safeguarded against cyber threats? Currently, there is no associated trust mark or certification that gives confidence associated with these devices.”

He also said the council will work with the North American Electric Reliability Corporation (NERC), which sets North American-wide utility safety procedural standards and informs efforts on protecting the power grid across jurisdictions. The industrial IoT standards will be product standards.

According to Robert Wong, vice-president and CIO of Toronto Hydro, all the big provincial utilities are subject to adhering to NERC CIP standards which have requirements for both cyber and physical security. Ontario is different from most provinces in that it has local distribution companies — like Toronto Hydro — which buy electricity in bulk and resell it to customers.  These LDCs don’t own or operate critical infrastructure and therefore don’t have to follow the NERC CIP standards.

Regional reforms, such as regulatory changes in Atlantic Canada, aim to bring greener power options to the grid.

Electricity is considered around the world as one of a country’s critical national infrastructure. Threats to the grid can be used for ransom or by a country for political pressure. Ukraine had its power network knocked offline in 2015 and 2016 by what were believed to be Russian-linked attackers operating against utilities.

All the big provincial utilities operate “critical infrastructure” and are subject to adhering to NERC CIP (critical infrastructure protection) standards, which have requirements for both cyber and physical security, as similar compromises at U.S. electric utilities have highlighted recently.  There are audited on a regular basis for compliance and can face hefty fines if they fail to meet the requirements.  The LDCs in Ontario don’t own or operate “critical infrastructure” and therefore are not required to adopt NERC CIP standards (at least for now).

The CIO Strategy Council is a forum for chief information officers that is helping set standards in a number of areas. In January it announced a partnership with the Internet Society’s Canada Chapter to create standards of practice for IoT security for consumer devices. As part of the federal government’s updated national cybersecurity strategy it is also developing a national cybersecurity standard for small and medium-sized businesses. That strategy would allow SMBs to advertise to customers that they meet minimum security requirements.

“The security of Canadians and our critical infrastructure is paramount,” federal minister of natural resources Seamus O’Regan said in a statement with today’s announcement. “Cyber attacks are becoming more common and dangerous. That’s why we are supporting this innovative project to protect the Canadian electricity sector.”

The announcement was welcomed by Robert Wong, Toronto Hydro’s vice-president and CIO. “Any additional investment towards strengthening the safeguards against cyberattacks to Canada’s critical infrastructure is definitely good news.  From the perspective of the electricity sector, the convergence of IT and OT (operational technology) has been happening for some time now as the traditional electricity grid has been transforming into a Smart Grid with the introduction of smart meters, SCADA systems, electronic sensors and monitors, smart relays, intelligent automated switching capabilities, distributed energy resources, and storage technologies (batteries, flywheels, compressed air, etc.).

“In my experience, many OT device and system manufacturers and vendors are still lagging the traditional IT vendors in incorporating Security by Design philosophies and effective security features into their products.  This, in turn, creates greater risks and challenges for utilities to protecting their critical infrastructures and ensuring a reliable supply of electricity to its customers.”

The Ontario Energy Board, which regulates the industry in the province, has led an initiative for all utilities to adopt the National Institute of Standards and Technology (NIST) Cybersecurity Framework, along with the ES-C2M2 maturity and Privacy By Design models, he noted.  Toronto Hydro has been managing its cybersecurity practice in adherence to these standards, as the city addresses growing electricity needs as well, he said.

“Other jurisdictions, such as Israel, have invested heavily on a national level in developing its cybersecurity capabilities and are seen as global leaders.  I am confident that given the availability of talent, capabilities and resources in Canada (especially around the GTA) if we get strong support and leadership at a federal level we can also emerge as a leader in this area as well.”

Related News

• Electricity Forum News

• Grid Technologies News

Canada Critical Infrastructure Cyber Risks include state-sponsored actors probing the electricity grid and ICS/OT, ransomware on utilities, and espionage targeting smart cities, medical devices, and energy networks, pre-positioning for disruptive operations.

Key Points

Nation-state and criminal cyber risks to Canada's power, water, and OT/ICS, aiming to disrupt, steal data, or extort.

✅ State-sponsored probing of power grid and utilities

✅ OT/ICS exposure grows as systems connect to IT networks

✅ Ransomware, espionage, and pre-positioning for disruption

State-sponsored actors are "very likely" trying to shore up their cyber capabilities to attack Canada's critical infrastructure — such as the electricity supply, as underscored by the IEA net-zero electricity report indicating rising demand for clean power, to intimidate or to prepare for future online assaults, a new intelligence assessment warns.

"As physical infrastructure and processes continue to be connected to the internet, cyber threat activity has followed, leading to increasing risk to the functioning of machinery and the safety of Canadians," says a new national cyber threat assessment drafted by the Communications Security Establishment.

"We judge that state-sponsored actors are very likely attempting to develop the additional cyber capabilities required to disrupt the supply of electricity in Canada, even as cleaning up Canada's electricity remains critical for climate goals."

Today's report — the second from the agency's Canadian Centre for Cyber Security wing — looks at the major cyber threats to Canadians' physical safety and economic security.

The CSE does say in the report that while it's unlikely cyber threat actors would intentionally disrupt critical infrastructure — such as water and electricity supplies — to cause major damage or loss of life, they would target critical organizations "to collect information, pre-position for future activities, or as a form of intimidation."

The report said Russia-associated actors probed the networks of electricity utilities in the U.S. and Canada last year and Chinese state-sponsored cyber threat actors have targeted U.S. utility employees. Other countries have seen their industrial control systems targeted by Iranian hacking groups and North Korean malware was found in the IT networks of an Indian power plant, it said.

The threat grows as more critical infrastructure goes high-tech.

In the past, the operational technology (OT) used to control dams, boilers, electricity and pipeline operations has been largely immune to cyberattacks — but that's changing as manufacturers incorporate newer information technology in their systems and products and as the race to net-zero drives grid modernization, says the report.

That technology might make things easier and lower costs for utilities already facing debates over electricity prices in Alberta amid affordability concerns, but it comes with risks, said Scott Jones, the head of the cyber centre.

"So that means now it is a target, it is accessible and it's vulnerable. So what you could see is shutting off of transmission lines, you can see them opening circuit breakers, meaning electricity simply won't flow to our homes to our business," he told reporters Wednesday.

While the probability of such attacks remains low, Jones said the goal of Wednesday's briefing is to send out the early warnings.

"We're not trying to scare people. We're certainly not trying to scare people into going off grid by building a cabin in the woods. We're here to say, 'Let's tackle these now while they're still paper, while they're still a threat we're writing down.'"

Steve Waterhouse, a former cybersecurity officer for the Department of National Defence who now teaches at Université de Sherbrooke, said a saving grace for Canada could be the makeup of its electrical systems.

"Since in Canada, they're very centralized, it's easier to defend, and debates about bridging Alberta and B.C. electricity aim to strengthen resilience, while down in the States, they have multiple companies all around the place. So the weakest link is very hard to identify where it is, but the effect is a cascading effect across the country ... And it could impact Canada, just like we saw in the big Northeastern power outage, the blackout of 2003," he said.

"So that goes to say, we have to be prepared. And I believe most energy companies have been taking extra measures to protect and defend against these type of attacks, even as Canada points to nationwide climate success in electricity to meet emissions goals."

In the future, attacks targeting so-called smart cities and internet-connected devices, such as personal medical devices, could also put Canadians at risk, says the report. 

Earlier this year, for example, Health Canada warned the public that medical devices containing a particular Bluetooth chip — including pacemakers, blood glucose monitors and insulin pumps — are vulnerable to cyber attacks that could crash them.

The foreign signals intelligence agency also says that while state-sponsored programs in China, Russia, Iran and North Korea "almost certainly" pose the greatest state-sponsored cyber threats to Canadian individuals and organizations, many other states are rapidly developing their own cyber programs.

Waterhouse said he was glad to see the government agency call out the countries by name, representing a shift in approach in recent years.

"To tackle on and be ready to face a cyber-attack, you have to know your enemy," he said.

"You have to know what's vulnerable inside of your organization. You have to know how ... vulnerable it is against the threats that are out there."

Commercial espionage continues
State-sponsored actors will also continue their commercial espionage campaigns against Canadian businesses, academia and governments — even as calls to make Canada a post-COVID manufacturing hub grow — to steal Canadian intellectual property and proprietary information, says the CSE.

"We assess that these threat actors will almost certainly continue attempting to steal intellectual property related to combating COVID-19 to support their own domestic public health responses or to profit from its illegal reproduction by their own firms," says the "key judgments" section of the report.

"The threat of cyber espionage is almost certainly higher for Canadian organizations that operate abroad or work directly with foreign state-owned enterprises."

The CSE says such commercial espionage is happening already across multiple fields, including aviation, technology and AI, energy and biopharmaceuticals.

While state-sponsored cyber activity tends to offer the most sophisticated threats, CSE said that cybercrime continues to be the threat most likely to directly affect Canadians and Canadian organizations, through vectors like online scams and malware.

"We judge that ransomware directed against Canada will almost certainly continue to target large enterprises and critical infrastructure providers. These entities cannot tolerate sustained disruptions and are willing to pay up to millions of dollars to quickly restore their operations," says the report.

Cybercrime becoming more sophisticated 
According to the Canadian Anti-Fraud Centre, Canadians lost over $43 million to cybercrime last year. The CSE reported earlier this year that online thieves have been using the COVID-19 pandemic to trick Canadians into forking over their money — through scams like a phishing campaign that claimed to offer access to a Canada Emergency Response Benefit payment in exchange for the target's personal financial details.

Online foreign influence activities — a dominant theme in the CSE's last threat assessment briefing — continue and constitute "a new normal" in international affairs as adversaries seek to influence domestic and international political events, says the agency.

"We assess that, relative to some other countries, Canadians are lower-priority targets for online foreign influence activity," it said.

"However, Canada's media ecosystem is closely intertwined with that of the United States and other allies, which means that when their populations are targeted, Canadians become exposed to online influence as a type of collateral damage."

According to the agency's own definition, "almost certainly" means it is nearly 100 per cent certain in its analysis, while "very likely" means it is 80-90 per cent certain of its conclusions. The CSE says its analysis is based off of a mix of confidential and non-confidential intelligence and sources. 

Related News

• Electricity Forum News

• Climate Change News

Hydro One investment risk reflects Ontario government influence, board shakeup, Avista acquisition uncertainty, regulatory hearings, dividend growth prospects, and utility M&A moves in Peterborough, with stock volatility since the 2015 IPO.

Key Points

Hydro One investment risk stems from political control, governance turnover, regulatory outcomes, and uncertain M&A.

✅ Ontario retains near-50% stake, affecting autonomy and policy risk

✅ Board overhaul and CEO exit create governance uncertainty

✅ Avista deal, OEB hearings, local utility M&A drive outcomes

Hydro One may be only half-owned by the province on Ontario but that’s enough to cause uncertainty about the company’s future, thus making for an investment risk, says Douglas Kee of Leon Frazer & Associates.

Since its IPO in November of 2015, Hydro One has seen its share of ups and downs, including a Q2 profit decline earlier this year, mostly downs at this point. Currently trading at $19.87, the stock has lost 11 per cent of its value in 2018 and 12 per cent over the last 12 months, despite a one-time gain boosting Q2 profit that followed a court ruling.

This year has been a turbulent one, to say the least, as newly elected Ontario premier Doug Ford made good this summer on his campaign promise re Hydro One by forcing the resignation of the company’s 14-person board of directors along with the retirement of its chief executive, an event that saw Hydro One shares fall amid the turmoil. An interim CEO has been found and a new 10-person board and chairman put in place, but Kee says it’s unclear what impact the shakeup will ultimately have, other than delaying a promising-looking deal to purchase US utility Avista Corp, with the companies moving to ask the U.S. regulator to reconsider the order.

Douglas Kee’s take on Hydro One stock

“We looked at Hydro One a couple of times two years ago and just decided that with the Ontario government’s still owning a big chunk of the company … there are other public companies where you get the same kind of yield, the same kind of dividend growth, so we just avoided it,” says Kee, managing director and chief investment officer with Leon Frazer & Associates, to BNN Bloomberg.

“The old board versus the new board, I’m not sure that there’s much of an improvement. It was politics more than anything,” he says. “The unfortunate part is that the acquisition they were making in the United States is kind of on hold for now. The regulatory procedures have gone ahead but they are worried, and I guess the new board has to make a decision whether to go ahead with it or not.”

“Their transmissions side is coming up for regulatory hearings next year, which could be difficult in Ontario,” says Kee. “The offset to that is that there are a lot of municipal distributions systems in Ontario that may be sold — they bought one in Peterborough recently, which was a good deal for them. There may be more of that coming too.”

Last month, Hydro One reached an agreement with the City of Peterborough to buy its Peterborough Distribution utility which serves about 37,000 customers for $105 million. Another deal to purchase Orillia Power Distribution Corp for $41 million has been cancelled after an appeal to the Ontario Energy Board was denied in late August. Hydro One’s sought-after Avista Corp acquisition is reported to be worth $7 billion.

Related News

• Electricity Forum News

• T&D Business News

Clean Power Plan Rollback signals EPA's shift to inside-the-fence efficiency at coal plants, emphasizing heat-rate improvements over sector-wide decarbonization, renewables, natural gas switching, demand-side efficiency, and carbon capture under Clean Air Act constraints.

Key Points

A policy shift by the EPA to replace broad emissions rules with plant-level efficiency standards, limiting CO2 cuts.

✅ Inside-the-fence heat-rate improvements at coal units

✅ Potential CO2 cuts limited to about 6% per plant

✅ Alternatives: fuel switching, renewables, carbon capture

President Barack Obama’s signature plan to reduce carbon dioxide emissions from electrical generation took years to develop and touched every aspect of power production and use, from smokestacks to home insulation.

The Trump administration is moving to scrap that plan and has signaled that any alternative it might adopt would take a much less expansive approach, possibly just telling utilities to operate their plants more efficiently.

That’s a strategy environmentalists say is almost certain to fall short of what’s needed.

The Trump administration is making "a wholesale retreat from EPA’s legal, scientific and moral obligation to address the threats of climate change," said former Environmental Protection Agency head Gina McCarthy, the architect of Obama’s Clean Power Plan.

President Donald Trump promised to rip up the initiative, echoing an end to the 'war on coal' message from his campaign, which mandated that states change their overall power mix, displacing coal-fired electricity with that from wind, solar and natural gas. The EPA is about to make it official, arguing the prior administration violated the Clean Air Act by requiring those broad changes to the electricity sector, according to a draft obtained by Bloomberg.

Possible Replacements

Later, the agency will also ask the public to weigh in on possible replacements. The administration will ask whether the EPA can or should develop a replacement rule -- and, if so, what actions can be mandated at individual power plants, though some policymakers favor a clean electricity standard to drive broader decarbonization.

Follow the Trump Administration’s Every Move

Such changes -- such as adding automation or replacing worn turbine seals -- would yield at most a 6 percent gain in efficiency, along with a corresponding fall in greenhouse gas emissions, according to earlier modeling by the Environmental Protection Agency and other analysts. That compares to the 32 percent drop in emissions by 2030 under Obama’s Clean Power Plan.

"In these existing plants, there’s only so many places to look for savings," said John Larsen, a director of the Rhodium Group, a research firm. "There’s only so many opportunities within a big spinning machine like that."

EPA Administrator Scott Pruitt outlined such an "inside-the-fence-line" approach in 2014, later embodied in the Affordable Clean Energy rule that industry groups backed, when he served as Oklahoma’s attorney general. Under his blueprint, states would set emissions standards after a detailed unit-by-unit analysis, looking at what reductions are possible given "the engineering limits of each facility."

The EPA has not decided whether it will promulgate a new rule at all, though it has also proposed new pollution limits for coal and gas plants in separate actions. In a forthcoming advanced notice of proposed rulemaking, the EPA will ask "what inside-the-fence-line options are legal, feasible and appropriate," according to a document obtained by Bloomberg.

Increased efficiency at a coal plant -- known as heat-rate improvement -- translates into fewer carbon-dioxide emissions per unit of electric power generated.

Under Obama, the EPA envisioned utilities would make some straightforward efficiency improvements at coal-fired power plants as the first step to comply with the Clean Power Plan. But that was expected to coincide with bigger, broader changes -- such as using more cleaner-burning natural gas, adding more renewable power projects and simply encouraging customers to do a better job turning down their thermostats and turning off their lights.

Obama’s EPA didn’t ask utilities to wring every ounce of efficiency they could out of coal-fired power plants because they saw the other options as cheaper. A plant-specific approach "would be grossly insufficient to address the public health and environmental impacts from CO2 emissions," Obama’s EPA said.

That approach might yield modest emissions reductions and, in a perverse twist, might event have the opposite effect. If utilities make coal plants more efficient -- thereby driving down operating costs -- they also make them more competitive with natural gas and renewables, "so they might run more and pollute more," said Conrad Schneider, advocacy director for the Clean Air Task Force.  

In a competitive market, any improvement in emissions produced for each unit of energy could be overwhelmed by an increase in electrical output, and debates over changes to electricity pricing under Trump and Perry added further uncertainty.

"A very minor heat rate improvement program would very likely result in increased emissions," Schneider said. "It might be worse than nothing."

Power companies want to get as much electricity as possible from every pound of coal, so they already have an incentive to keep efficiency high, said Jeff Holmstead, a former assistant EPA administrator now at Bracewell LLP. But an EPA regulation known as “new source review” has discouraged some from making those changes, for fear of triggering other pollution-control requirements, he said.

"If EPA’s replacement rule allows companies to improve efficiency without triggering new source review, it would make a real difference in terms of reducing carbon-dioxide emissions," Holmstead said.

Modest Impact

A plant-specific approach doesn’t have to mean modest impact.

"If you’re thinking about what can be done at the power plants by themselves, you don’t stop at efficiency tune-ups," said David Doniger, director of the Natural Resources Defense Council’s climate and clean air program. "You look at things like switching to natural gas or installing carbon capture and storage."

Requirements that facilities use carbon capture technology or swap in natural gas for coal could actually come close to hitting the same goals as in Obama’s Clean Power Plan -- if not go even further, Schneider said. They just would cost more.

The benefit of the Clean Power Plan "is that it enabled states to create programs and enabled companies to find a reduction strategy that was the most efficient and made the most sense for their own content," said Kathryn Zyla, deputy director of the Georgetown Climate Center. "And that flexibility was really important for the states and companies."

Some utilities, including Houston-based Calpine Corp., PG&E Corp. and Dominion Resources Inc., backed the Obama-era approach. And they are still pushing the Trump administration to be creative now.

"The Clean Power Plan achieved a thoughtful, balanced approach that gave companies and states considerable flexibility on how best to pursue that goal," said Melissa Lavinson, vice president of federal affairs and policy for PG&E’s Pacific Gas and Electric utility. “We look forward to working with the administration to devise an alternative plan for decarbonizing the U.S. economy."

Related News

• Electricity Forum News

• Energy Policy News

Russian Utility Grid Cyberattacks reveal DHS findings on Dragonfly/Energetic Bear breaching control rooms and ICS/SCADA via vendor supply-chain spear-phishing, threatening blackouts and critical infrastructure across U.S. power utilities through stolen credentials and reconnaissance.

Key Points

State-backed ops breaching utilities via vendors to reach ICS/SCADA, risking grid disruption and control-room access.

✅ Spear-phishing and watering-hole attacks on vendor networks

✅ Stolen credentials used to reach isolated ICS/SCADA

✅ Potential to trigger localized blackouts and service disruptions

Hackers working for Russia were able to gain access to the control rooms of US electric utilities last year, allowing them to cause blackouts, federal officials tell the Wall Street Journal.

The hackers -- working for a state-sponsored group previously identified as Dragonfly or Energetic Bear -- broke into utilities' isolated networks by hacking networks belonging to third-party vendors that had relationships with the power companies, the Department of Homeland Security said in a press briefing on Monday.

Officials said the campaign had claimed hundreds of victims and is likely continuing, the Journal reported.

"They got to the point where they could have thrown switches" to disrupt the flow power, Jonathan Homer, chief of industrial-control-system analysis for DHS, told the Journal.

"While hundreds of energy and non-energy companies were targeted, the incident where they gained access to the industrial control system was a very small generation asset that would not have had any impact on the larger grid if taken offline," the DHS said in a statement Tuesday. "Over the course of the past year as we continued to investigate the activity, we learned additional information which would be helpful to industry in defending against this threat."

Organizations running the nation's energy, nuclear and other critical infrastructure have become frequent targets for cyberattacks in recent years due to their ability to cause immediate chaos, whether it's starting a blackout or blocking traffic signals. These systems are often vulnerable because of antiquated software and the high costs of upgrading infrastructure.

The report comes amid heightened tension between Russia and the US over cybersecurity, alongside US condemnation of power grid hacking in recent months. Earlier this month, US special counsel Robert Mueller filed charges against 12 Russian hackers tied to cyberattacks on the Democratic National Committee.

Hackers compromised US power utility companies' corporate networks with conventional approaches, such as spear-phishing emails and watering-hole attacks as seen in breaches at power plants across the US that target a specific group of users by infecting websites they're known to visit, the newspaper reported. After gaining access to vendor networks, hackers turned their attention to stealing credentials for access to the utility networks and familiarizing themselves with facility operations, officials said, according to the Journal.

Homeland Security didn't identify the victims, the newspaper reports, adding that some companies may not know they had been compromised because the attacks used legitimate credentials to gain access to the networks.

Cyberattacks on electrical systems aren't an academic matter. In 2016, Ukraine's grid was disrupted by cyberattacks attributed to Russia, which is engaged in territorial disputes with the country over eastern Ukraine and the Crimean peninsula. Russia has denied any involvement in targeting critical infrastructure.

President Donald Trump signed an executive order in May designed to bolster the United States' cybersecurity by protecting federal networks, critical infrastructure and the public online. One section of the order focuses on protecting the grid like electricity and water, as well as financial, health care and telecommunications systems.

The Department of Homeland Security didn't respond to a request for comment.

Related News

• Electricity Forum News

• Grid Technologies News