Hong Kong to expect electricity bills to rise 1 or 2 per cent

Russian Cyberattacks on U.S. Critical Infrastructure target energy grids, nuclear plants, water systems, and aviation, DHS and FBI warn, using spear phishing, malware, and ICS/SCADA intrusion to gain footholds for potential sabotage and disruption.

Key Points

State-backed hacks targeting U.S. energy, nuclear, water and aviation via phishing and ICS access for sabotage.

✅ DHS and FBI detail multi-stage intrusion since 2016

✅ Targets include energy, nuclear, water, aviation, manufacturing

✅ TTPs: spear phishing, lateral movement, ICS reconnaissance

Russia is attacking the U.S. energy grid, with reported power plant breaches unfolding alongside attacks on nuclear facilities, water processing plants, aviation systems, and other critical infrastructure that millions of Americans rely on, according to a new joint analysis by the FBI and the Department of Homeland Security.

In an unprecedented alert, the US Department of Homeland Security (DHS) and FBI have warned of persistent attacks by Russian government hackers on critical US government sectors, including energy, nuclear, commercial facilities, water, aviation and manufacturing.

The alert details numerous attempts extending back to March 2016 when Russian cyber operatives targeted US government and infrastructure.

The DHS and FBI said: “DHS and FBI characterise this activity as a multi-stage intrusion campaign by Russian government cyber-actors who targeted small commercial facilities’ networks, where they staged malware, conducted spear phishing and gained remote access into energy sector networks.

“After obtaining access, the Russian government cyber-actors conducted network reconnaissance, moved laterally and collected information pertaining to industrial control systems.”

The Trump administration has accused Russia of engineering a series of cyberattacks that targeted American and European nuclear power plants and water and electric systems, and could have sabotaged or shut power plants off at will.

#google#

United States officials and private security firms saw the attacks as a signal by Moscow that it could disrupt the West’s critical facilities in the event of a conflict.

They said the strikes accelerated in late 2015, at the same time the Russian interference in the American election was underway. The attackers had compromised some operators in North America and Europe by spring 2017, after President Trump was inaugurated.

In the following months, according to the DHS/FBI report, Russian hackers made their way to machines with access to utility control rooms and critical control systems at power plants that were not identified. The hackers never went so far as to sabotage or shut down the computer systems that guide the operations of the plants.

Still, new computer screenshots released by the Department of Homeland Security have made clear that Russian state hackers had the foothold they would have needed to manipulate or shut down power plants.

“We now have evidence they’re sitting on the machines, connected to industrial control infrastructure, that allow them to effectively turn the power off or effect sabotage,” said Eric Chien, a security technology director at Symantec, a digital security firm.

“From what we can see, they were there. They have the ability to shut the power off. All that’s missing is some political motivation,” Mr. Chien said.

American intelligence agencies were aware of the attacks for the past year and a half, and the Department of Homeland Security and the F.B.I. first issued urgent warnings to utility companies in June, 2017. Both DHS/FBI have now offered new details as the Trump administration imposed sanctions against Russian individuals and organizations it accused of election meddling and “malicious cyberattacks.”

It was the first time the administration officially named Russia as the perpetrator of the assaults. And it marked the third time in recent months that the White House, departing from its usual reluctance to publicly reveal intelligence, blamed foreign government forces for attacks on infrastructure in the United States.

In December, the White House said North Korea had carried out the so-called WannaCry attack that in May paralyzed the British health system and placed ransomware in computers in schools, businesses and homes across the world. Last month, it accused Russia of being behind the NotPetya attack against Ukraine last June, the largest in a series of cyberattacks on Ukraine to date, paralyzing the country’s government agencies and financial systems.

But the penalties have been light. So far, President Trump has said little to nothing about the Russian role in those attacks.

The groups that conducted the energy attacks, which are linked to Russian intelligence agencies, appear to be different from the two hacking groups that were involved in the election interference.

That would suggest that at least three separate Russian cyberoperations were underway simultaneously. One focused on stealing documents from the Democratic National Committee and other political groups. Another, by a St. Petersburg “troll farm” known as the Internet Research Agency, used social media to sow discord and division. A third effort sought to burrow into the infrastructure of American and European nations.

For years, American intelligence officials tracked a number of Russian state-sponsored hacking units as they successfully penetrated the computer networks of critical infrastructure operators across North America and Europe, including in Ukraine.

Some of the units worked inside Russia’s Federal Security Service, the K.G.B. successor known by its Russian acronym, F.S.B.; others were embedded in the Russian military intelligence agency, known as the G.R.U. Still others were made up of Russian contractors working at the behest of Moscow.

Russian cyberattacks surged last year, starting three months after Mr. Trump took office.

American officials and private cybersecurity experts uncovered a series of Russian attacks aimed at the energy, water and aviation sectors and critical manufacturing, including nuclear plants, in the United States and Europe. In its urgent report in June, the Department of Homeland Security and the F.B.I. notified operators about the attacks but stopped short of identifying Russia as the culprit.

By then, Russian spies had compromised the business networks of several American energy, water and nuclear plants, mapping out their corporate structures and computer networks.

They included that of the Wolf Creek Nuclear Operating Corporation, which runs a nuclear plant near Burlington, Kan. But in that case, and those of other nuclear operators, Russian hackers had not leapt from the company’s business networks into the nuclear plant controls.

Forensic analysis suggested that Russian spies were looking for inroads — although it was not clear whether the goal was to conduct espionage or sabotage, or to trigger an explosion of some kind.

In a report made public in October, Symantec noted that a Russian hacking unit “appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so.”

The United States sometimes does the same thing. It bored deeply into Iran’s infrastructure before the 2015 nuclear accord, placing digital “implants” in systems that would enable it to bring down power grids, command-and-control systems and other infrastructure in case a conflict broke out. The operation was code-named “Nitro Zeus,” and its revelation made clear that getting into the critical infrastructure of adversaries is now a standard element of preparing for possible conflict.

Reconstructed screenshot fragments of a Human Machine Interface that the threat actors accessed, according to DHS

Sanctions Announced

The US treasury department has imposed sanctions on 19 Russian people and five groups, including Moscow’s intelligence services, for meddling in the US 2016 presidential election and other malicious cyberattacks.

Russia, for its part, has vowed to retaliate against the new sanctions.

The new sanctions focus on five Russian groups, including the Russian Federal Security Service, the country’s military intelligence apparatus, and the digital propaganda outfit called the Internet Research Agency, as well as 19 people, some of them named in the indictment related to election meddling released by special counsel Robert Mueller last month.

In announcing the sanctions, which will generally ban U.S. people and financial institutions from doing business with those people and groups, the Treasury Department pointed to alleged Russian election meddling, involvement in the infrastructure hacks, and the NotPetya malware, which the Treasury Department called “the most destructive and costly cyberattack in history.”

The new sanctions come amid ongoing criticism of the Trump administration’s reluctance to punish Russia for cyber and election meddling. Sen. Mark Warner (D-Va.) said that, ahead of the 2018 mid-term elections, the administration’s decision was long overdue but not enough. “Nearly all of the entities and individuals who were sanctioned today were either previously under sanction during the Obama Administration, or had already been charged with federal crimes by the Special Counsel,” Warner said.

Warning: The Russians Are Coming

In an updated warning to utility companies, DHS/FBI officials included a screenshot taken by Russian operatives that proved they could now gain access to their victims’ critical controls, prompting a renewed focus on protecting the U.S. power grid among operators.

American officials and security firms, including Symantec and CrowdStrike, believe that Russian attacks on the Ukrainian power grid in 2015 and 2016 that left more than 200,000 citizens there in the dark are an ominous sign of what the Russian cyberstrikes may portend in the United States and Europe in the event of escalating hostilities.

Private security firms have tracked the Russian government assaults on Western power and energy operators — conducted alternately by groups under the names Dragonfly campaigns alongside Energetic Bear and Berserk Bear — since 2011, when they first started targeting defense and aviation companies in the United States and Canada.

By 2013, researchers had tied the Russian hackers to hundreds of attacks on the U.S. power grid and oil and gas pipeline operators in the United States and Europe. Initially, the strikes appeared to be motivated by industrial espionage — a natural conclusion at the time, researchers said, given the importance of Russia’s oil and gas industry.

But by December 2015, the Russian hacks had taken an aggressive turn. The attacks were no longer aimed at intelligence gathering, but at potentially sabotaging or shutting down plant operations.

At Symantec, researchers discovered that Russian hackers had begun taking screenshots of the machinery used in energy and nuclear plants, and stealing detailed descriptions of how they operated — suggesting they were conducting reconnaissance for a future attack.

Eventhough the US government enacted sanctions, cybersecurity experts are still questioning where the Russian attacks could lead, given that the United States was sure to respond in kind.

“Russia certainly has the technical capability to do damage, as it demonstrated in the Ukraine,” said Eric Cornelius, a cybersecurity expert at Cylance, a private security firm, who previously assessed critical infrastructure threats for the Department of Homeland Security during the Obama administration.

“It is unclear what their perceived benefit would be from causing damage on U.S. soil, especially given the retaliation it would provoke,” Mr. Cornelius said.

Though a major step toward deterrence, publicly naming countries accused of cyberattacks still is unlikely to shame them into stopping. The United States is struggling to come up with proportionate responses to the wide variety of cyberespionage, vandalism and outright attacks.

Lt. Gen. Paul Nakasone, who has been nominated as director of the National Security Agency and commander of United States Cyber Command, the military’s cyberunit, said during his recent Senate confirmation hearing, that countries attacking the United States so far have little to worry about.

“I would say right now they do not think much will happen to them,” General Nakasone said. He later added, “They don’t fear us.”

Related News

• Electricity Forum News

• Grid Technologies News

Dragonfly energy sector cyberattacks target ICS and SCADA across critical infrastructure, including the power grid and nuclear facilities, using spearphishing, watering-hole sites, supply-chain compromises, malware, and VPN exploits to gain operational access.

Key Points

Dragonfly APT campaigns target energy firms and ICS to gain grid access, risking manipulation and service disruption.

✅ Breaches leveraged spearphishing, watering-hole sites, and supply chains.

✅ Targeted ICS, SCADA, VPNs to pivot into operational networks.

✅ Aimed to enable power grid manipulation and potential outages.

An October, 2017 report by researchers at Symantec Corp., cited by the U.S. government, has linked recent US power grid cyber attacks to a group of hackers it had code-named "Dragonfly", and said it found evidence critical infrastructure facilities in Turkey and Switzerland also had been breached.

The Symantec researchers said an earlier wave of attacks by the same group starting in 2011 was used to gather intelligence on companies and their operational systems. The hackers then used that information for a more advanced wave of attacks targeting industrial control systems that, if disabled, leave millions without power or water.

U.S. intelligence officials have long been concerned about the security of the country’s electrical grid. The recent attacks, condemned by the U.S. government, striking almost simultaneously at multiple locations, are testing the government’s ability to coordinate an effective response among several private utilities, state and local officials, and industry regulators.

#google#

While the core of a nuclear generator is heavily protected, a sudden shutdown of the turbine can trigger safety systems. These safety devices are designed to disperse excess heat while the nuclear reaction is halted, but the safety systems themselves may be vulnerable to attack.

The operating systems at nuclear plants also tend to be legacy controls built decades ago and don’t have digital control systems that can be exploited by hackers.

“Since at least March 2016, Russian government cyber actors… targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors,” according to Thursday’s FBI and Department of Homeland Security report. The report did not say how successful the attacks were or specify the targets, but said that the Russian hackers “targeted small commercial facilities’ networks where they staged malware, conducted spearphishing, and gained remote access into energy sector networks.” At least one target of a string of infrastructure attacks last year was a nuclear power facility in Kansas.

Symantec doesn’t typically point fingers at particular nations in its research on cyberattacks, said Eric Chien, technical director of Symantec’s Security Technology and Response division, though he said his team doesn’t see anything it would disagree with in the new federal report. The government report appears to corroborate Symantec’s research, showing that the hackers had penetrated computers and accessed utility control rooms that would let them directly manipulate power systems, he says.

“There were really no more technical hurdles for them to do something like flip off the power,” he said.

And as for the group behind the attacks, Chien said it appears to be relatively dormant for now, but it has gone quiet in the past only to return with new hacks.

“We expect they’re sort of retooling now, and they likely will be back,”

In some cases, Dragonfly successfully broke into the core systems that control US and European energy companies, Symantec revealed.

“The energy sector has become an area of increased interest to cyber-attackers over the past two years,” Symantec said in its report.

“Most notably, disruptions to Ukraine’s power system in 2015 and 2016 were attributed to a cyberattack and led to power outages affecting hundreds of thousands of people. In recent months, there have also been media reports of attempted attacks on the electricity grids in some European countries, as well as reports of companies that manage nuclear facilities in the US being compromised by hackers.

“The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so. Symantec customers are protected against the activities of the Dragonfly group.”

In recent weeks, senior US intelligence officials said that the Kremlin believes it can launch hacking operations against the West with impunity, including a cyber weapon that can disrupt power grids, according to assessments.

The DHS and FBI report further elaborated: “This campaign comprises two distinct categories of victims: staging and intended targets. The initial victims are peripheral organisations such as trusted third-party suppliers with less-secure networks, referred to as ‘staging targets’ throughout this alert.

“The threat actors used the staging targets’ networks as pivot points and malware repositories when targeting their final intended victims. National Cybersecurity and Communications Integration Center and FBI judge the ultimate objective of the actors is to compromise organisational networks, also referred to as the ‘intended target’.”

According to the US alert, hackers used a variety of attack methods, including spear-phishing emails, watering-hole domains, credential gathering, open source and network reconnaissance, host-based exploitation, and deliberate targeting of ICS infrastructure.

The attackers also targeted VPN software and used password cracking tools.

Once inside, the attackers downloaded tools from a remote server and then carried out a number of actions, including modifying key systems to store plaintext credentials in memory, and built web shells to gain command and control of targeted systems.

“This actors’ campaign has affected multiple organisations in the energy, nuclear, water, aviation, construction and critical manufacturing sectors, with hundreds of victims across the U.S. power grid confirmed,” the DHS said, before outlining a number of steps that IT managers in infrastructure organisations can take to cleanse their systems and defend against Russian hackers. he said.
 

Related News

• Electricity Forum News

• Grid Technologies News

Northeast D.C. Power Outage highlights Pepco substation equipment failure, widespread service disruptions, grid reliability concerns, and restoration efforts, with calls for smart grid upgrades, better communication, and resilient infrastructure to protect residents, schools, and businesses.

Key Points

A Pepco substation failure caused outages, prompting restoration work and plans for smarter, resilient grid upgrades.

✅ Pepco cites substation equipment failure as root cause

✅ Crews prioritized rapid restoration and customer updates

✅ Calls grow for smart grid, resilience, and transparency

A recent power outage affecting Northeast Washington, D.C., has drawn attention to the vulnerabilities within the city’s energy infrastructure. The outage, caused by equipment failure at a Pepco substation, left thousands of residents in the dark and raised concerns about the reliability of electricity services in the area.

The Outage: What Happened?

On a typically busy weekday morning, Pepco, the local electric utility, reported significant power disruptions that affected several neighborhoods in Northeast D.C. Initial reports indicated that around 3,000 customers were without electricity due to issues at a nearby substation. The outages were widespread, impacting homes, schools, and businesses, and reflecting pandemic energy insecurity seen in many communities, creating a ripple effect of inconvenience and frustration.

Residents experienced not only the loss of power but also disruptions in daily activities. Many were unable to work from home, students faced challenges with remote learning, and businesses had to close or operate under limited conditions. The timing of the outage further exacerbated the situation, as it coincided with a period of increased demand for electricity, making efforts to prevent summer outages even more crucial for residents and businesses.

Community Response

In the wake of the outage, local community members and leaders quickly mobilized to assess the situation. Pepco crews were dispatched to restore power as swiftly as possible, but residents were left grappling with the immediate consequences. Local organizations and community leaders stepped in to provide support, especially as extreme heat can exacerbate electricity struggles for vulnerable households, offering resources such as food and shelter for those most affected.

Social media became a vital tool for residents to share information and updates about the situation. Many took to platforms like Twitter and Facebook to report their experiences and seek assistance. This grassroots communication helped keep the community informed and fostered a sense of solidarity during the disruption.

The Utility's Efforts

Pepco’s response involved not only restoring power but also addressing the underlying issues that led to the outage. The utility company communicated its commitment to investigating the cause of the equipment failure and ensuring that similar incidents would be less likely in the future. As part of this commitment, Pepco outlined plans for infrastructure upgrades, despite supply-chain constraints facing utilities nationwide, aimed at enhancing reliability across its service area.

Moreover, Pepco emphasized the importance of communication during outages. The company has been working to improve its notification systems, ensuring that customers receive timely updates about outages and restoration efforts. Enhanced communication can help mitigate the frustration experienced during such events and keep residents informed about when they can expect power to be restored.

Broader Implications for D.C.'s Energy Infrastructure

This recent outage has sparked a larger conversation about the resilience of Washington, D.C.’s energy infrastructure. As the city continues to grow and evolve, the demand for reliable electricity is more critical than ever. Frequent outages can undermine public confidence in utility providers and highlight the need for ongoing investment in infrastructure amid an aging U.S. grid that complicates renewable deployment and EV adoption across the country.

Experts suggest that to ensure a more reliable energy supply, utilities must embrace modernization efforts, including the integration of smart grid technology and renewable energy sources. These innovations can enhance the ability to manage electricity supply and demand, especially during unprecedented demand in the Eastern U.S. when heatwaves strain systems, reduce outages, and improve response times during emergencies.

The Path Forward

In response to the outage, community advocates are calling for greater transparency from Pepco and other utility companies. They emphasize the importance of holding utilities accountable for maintaining reliable service and communicating effectively with customers, while also promoting customer bill-reduction initiatives that help households manage costs. Public forums and discussions about energy policy can empower residents to voice their concerns and contribute to solutions.

As D.C. looks to the future, it is essential to prioritize investments in energy infrastructure that can withstand the demands of a growing population. Collaborations between local government, utility companies, and community organizations can drive initiatives aimed at enhancing resilience and ensuring that all residents have access to reliable electricity.

The recent power outage in Northeast D.C. serves as a reminder of the challenges facing urban energy infrastructure. While Pepco's efforts to restore power and improve communication are commendable, the incident highlights the need for long-term solutions to enhance reliability. By investing in modern technology and fostering community engagement, D.C. can work towards a more resilient energy future, ensuring that residents can count on their electricity service even in times of crisis.

Related News

• Electricity Forum News

• Energy Policy News

U.S. power grid cyberattacks expose critical infrastructure to Russian hackers, DHS warns, targeting SCADA, smart grid sensors, and utilities; NERC CIP defenses, microgrids, and resilience planning aim to mitigate outages and supply chain disruptions.

Key Points

U.S. power grid cyberattacks target utility control systems, risking outages, disruption, requiring stronger defenses.

✅ Russian access to utilities and SCADA raises outage risk

✅ NERC CIP, DHS, and utilities expand cyber defenses

✅ Microgrids and renewables enhance resilience, islanding capability

The U.S. Department of Homeland Security has revealed that Russian government hackers accessed control rooms at hundreds of U.S. electrical utility companies, gaining far more access to the operations of many more companies than previously disclosed by federal officials.

Securing the electrical grid, upon which is built almost the entirety of modern society, is a monumental challenge. Several experts have explained aspects of the task, potential solutions and the risks of failure for The Conversation:

1. What’s at stake?

The scale of disruption would depend, in part, on how much damage the attackers wanted to do. But a major cyberattack on the electricity grid could send surges through the grid, much as solar storms have done.

Those events, explains Rochester Institute of Technology space weather scholar Roger Dube, cause power surges, damaging transmission equipment. One solar storm in March 1989, he writes, left “6 million people without power for nine hours … [and] destroyed a large transformer at a New Jersey nuclear plant. Even though a spare transformer was nearby, it still took six months to remove and replace the melted unit.”

More serious attacks, like larger solar storms, could knock out manufacturing plants that build replacement electrical equipment, gas pumps to fuel trucks to deliver the material and even “the machinery that extracts oil from the ground and refines it into usable fuel. … Even systems that seem non-technological, like public water supplies, would shut down: Their pumps and purification systems need electricity.”

In the most severe cases, with fuel-starved transportation stalled and other basic infrastructure not working, “[p]eople in developed countries would find themselves with no running water, no sewage systems, no refrigerated food, and no way to get any food or other necessities transported from far away. People in places with more basic economies would also be without needed supplies from afar.”

2. It wouldn’t be the first time

Russia has penetrated other countries’ electricity grids in the past, and used its access to do real damage. In the middle of winter 2015, for instance, a Russian cyberattack shut off the power to Ukraine’s capital in the middle of winter 2015.

Power grid scholar Michael McElfresh at Santa Clara University discusses what happened to cause hundreds of thousands of Ukrainians to lose power for several hours, and notes that U.S. utilities use software similar to their Ukrainian counterparts – and therefore share the same vulnerabilities.

3. Security work is ongoing

These threats aren’t new, write grid security experts Manimaran Govindarasu from Iowa State and Adam Hahn from Washington State University. There are a lot of people planning defenses, including the U.S. government, as substation attacks are growing across the country. And the “North American Electric Reliability Corporation, which oversees the grid in the U.S. and Canada, has rules … for how electric companies must protect the power grid both physically and electronically.” The group holds training exercises in which utility companies practice responding to attacks.

4. There are more vulnerabilities now

Grid researcher McElfresh also explains that the grid is increasingly complex, with with thousands of companies responsible for different aspects of generating, transmission, and delivery to customers. In addition, new technologies have led companies to incorporate more sensors and other “smart grid” technologies. He describes how that, as a recent power grid report card underscores, “has created many more access points for penetrating into the grid computer systems.”

5. It’s time to ramp up efforts

The depth of access and potential control over electrical systems means there has never been a better time than right now to step up grid security amid a renewed focus on protecting the grid among policymakers and utilities, writes public-utility researcher Theodore Kury at the University of Florida. He notes that many of those efforts may also help protect the grid from storm damage and other disasters.

6. A possible solution could be smaller grids

One protective effort was identified by electrical engineer Joshua Pearce at Michigan Technological University, who has studied ways to protect electricity supplies to U.S. military bases both within the country and abroad. He found that the Pentagon has already begun testing systems, as the military ramps up preparation for major grid hacks, that combine solar-panel arrays with large-capacity batteries. “The equipment is connected together – and to buildings it serves – in what is called a ‘microgrid,’ which is normally connected to the regular commercial power grid but can be disconnected and become self-sustaining when disaster strikes.”

He found that microgrid systems could make military bases more resilient in the face of cyberattacks, criminals or terrorists and natural disasters – and even help the military “generate all of its electricity from distributed renewable sources by 2025 … which would provide energy reliability and decrease costs, [and] largely eliminate a major group of very real threats to national security.”

Related News

• Electricity Forum News

• Grid Technologies News

French Antitrust Fines for Electrical Cartel expose price fixing by Schneider Electric, Legrand, Rexel, and Sonepar, after a Competition Authority probe into electrical distribution, collusion, and compliance breaches impacting market competition and customers.

Key Points

Penalties on Schneider Electric, Legrand, Rexel, and Sonepar for electrical price fixing, upholding competition law.

✅ Competition Authority fined four major suppliers.

✅ Collusion raised prices across construction and industry.

✅ Firms bolster compliance programs and training.

In a significant crackdown on corporate malfeasance, French authorities have imposed hefty fines on four major electrical equipment companies—Schneider Electric, Legrand, Rexel, and Sonepar—after concluding a price-fixing investigation. The total fines amount to approximately €500 million, underscoring the seriousness with which regulators are addressing anti-competitive practices in the electrical distribution sector, even as France advances a new electricity pricing scheme to address EU concerns.

Background of the Investigation

The probe, initiated by France’s Competition Authority, sought to uncover collusion among these leading firms regarding the pricing of electrical equipment and services between 2005 and 2012. This investigation is part of a broader initiative to promote fair competition within the market, as Europe prepares to revamp its electricity market to bolster transparency, ensuring that consumers and businesses alike benefit from competitive pricing and innovative products.

The inquiry revealed that these companies had engaged in illicit agreements to fix prices and coordinate their market strategies, limiting competition in a sector critical to both the economy and infrastructure. The findings indicated that the collusion not only stifled competition but also led to inflated prices for customers, illustrating why rolling back electricity prices is often more complex than it appears for customers across various sectors, from construction to manufacturing.

The Fines Imposed

Following the conclusion of the investigation, the fines levied against the companies were substantial. Schneider Electric faced the largest penalty, receiving a fine of €220 million, while Legrand was fined €150 million. Rexel and Sonepar were each fined €70 million and €50 million, respectively. These financial penalties serve as a deterrent to other companies that might consider engaging in similar practices, reinforcing the message that anti-competitive behavior will not be tolerated.

The fines are particularly significant given the size and influence of these companies within the electrical equipment market. Their combined revenues amount to billions of euros annually, making the repercussions of their actions far-reaching. As major players in the industry, their pricing strategies have a direct impact on numerous sectors, from residential construction to large-scale industrial projects.

Industry Reactions

The response from the affected companies has varied. Schneider Electric expressed its commitment to compliance and transparency, acknowledging the importance of adhering to competition laws, amid ongoing EU electricity reform debates that influence market expectations.

Legrand also emphasized its commitment to fair competition, noting that it has taken steps to enhance its compliance framework in response to the investigation. Rexel and Sonepar similarly reaffirmed their dedication to ethical business practices and their intention to cooperate with regulators in the future.

Industry experts have pointed out that these fines, while significant, may not be enough to deter large corporations from engaging in similar behavior unless accompanied by a broader cultural shift within the industry. There is a growing call for enhanced oversight and stricter penalties to ensure that companies prioritize ethical conduct over short-term profits.

Implications for the Market

The fines imposed on Schneider, Legrand, Rexel, and Sonepar could have broader implications for the electrical equipment market and beyond. They signal to other companies within the sector that regulatory bodies are vigilant, even as nine EU countries oppose electricity market reforms proposed as fixes for price spikes, and willing to take decisive action against anti-competitive practices. This could foster a more competitive environment, ultimately benefiting consumers through better prices and enhanced product offerings.

Moreover, the case highlights the importance of regulatory bodies in maintaining fair market conditions. As industries evolve, ongoing vigilance from competition authorities will be necessary to prevent similar instances of collusion and ensure that markets remain competitive and innovative, as seen when New York opened a formal review of retail energy markets.

The recent fines imposed on Schneider Electric, Legrand, Rexel, and Sonepar mark a significant moment in France's ongoing battle against corporate price-fixing and anti-competitive practices, occurring as the government and EDF reached a deal on electricity prices to balance market pressures. With total penalties exceeding €500 million, the investigation underscores the commitment of French authorities to uphold market integrity and protect consumer interests.

As the industry reflects on these developments, it remains crucial for companies to prioritize compliance and ethical business practices. The ultimate goal is to create an environment where competition thrives, innovation flourishes, and consumers benefit from fair pricing. This case serves as a reminder that transparency and accountability are vital in maintaining the health of any market, particularly one as essential as the electrical equipment sector.

Related News

• Electricity Forum News

• Energy Policy News

Massachusetts Solar Net Metering faces new demand charges and elimination of residential time-of-use rates under an MDPU order, as Eversource cites grid cost fairness while clean energy advocates warn of impacts on distributed solar growth.

Key Points

Policy letting solar customers net out usage with exports; MDPU now adds demand charges and ends TOU rates.

✅ New residential solar demand charges start Dec 31, 2018.

✅ Optional residential TOU rates eliminated by MDPU order.

✅ Eversource cites grid cost fairness; advocates warn slower solar.

A recent Massachusetts Department of Public Utilities' rate case order changes the way solar net metering works and eliminates optional residential time-of-use rates, stirring controversy between clean energy advocates and utility Eversource and potential consumer backlash over rate design.

"There is a lot of room to talk about what net-energy metering should look like, but a demand charge is an unfair way to charge customers," Mark LeBel, staff attorney at non-profit clean energy advocacy organization Acadia Center, said in a Tuesday phone call. Acadia Center is an intervenor in the rate case and opposed the changes.

The Friday MDPU order implements demand charges for new residential solar projects starting on December 31, 2018. Such charges are based on the highest peak hourly consumption over the course of a month, regardless of what time the power is consumed.

Eversource contends the demand charge will more fairly distribute the costs of maintaining the local power grid, echoing minimum charge proposals aimed at low-usage customers. Net metering is often criticized for not evenly distributing those costs, which are effectively subsidized by non-net-metered customers.

"What the demand charge will do is eliminate, to the extent possible, the unfair cross subsidization by non-net-metered customers that currently exists with rates that only have kilowatt-hour charges and no kilowatt demand, Mike Durand, Eversource spokesman, said in a Tuesday email. 

"For net metered facilities that use little kilowatt-hours, a demand charge is a way to charge them for their fair share of the cost of the significant maintenance and upgrade work we do on the local grid every day," Durand said. "Currently, their neighbors are paying more than their share of those costs."

It will not affect existing facilities, Durand said, only those installed after December 31, 2018.

Solar advocates are not enthusiastic about the change and see it slowing the growth of solar power, particularly residential rooftop solar, in the state.

"This is a terrible outcome for the future of solar in Massachusetts," Nathan Phelps, program manager of distributed generation and regulatory policy at solar power advocacy group Vote Solar, said in a Tuesday phone call.

"It's very inconsistent with DPU precedent and numerous pieces of legislation passed in the last 10 years," Phelps said. "The commonwealth has passed several pieces of legislation that are supportive of renewable energy and solar power. I don't know what the DPU was thinking."

 

TIME-OF-USE PRICING ELIMINATED

It does not matter when during the month peak demand occurs -- which could be during the week in the evening -- customers will be charged the same as they would on a hot summer day, LeBel said. Because an individual customer's peak usage does not necessarily correspond to peak demand across the utility's system, consumers are not being provided incentives to reduce energy usage in a way that could benefit the power system, Acadia Center said in a Tuesday statement.

However, Eversource maintains that residential customer distribution peaks based on customer load profiles do not align with basic service peak periods, which are based on Independent System Operator New England's peaks that reflect market-based pricing, even as a Connecticut market overhaul advances in the region, according to the MDPU order.

"The residential Time of Use rates we're eliminating are obsolete, having been designed decades ago when we were responsible for both the generation and the delivery of electricity," Eversource's Durand said.

"We are no longer in the generation business, having divested of our generation assets in Massachusetts in compliance with the law that restructured of our industry back in the late 1990s. Time Varying pricing is best used with generation rates, where the price for electricity changes based on time of day and electricity demand and can significantly alter electric bills for households," he said.

Additionally, only 0.02% of residential customers take service on Eversource's TOU rates and it would be difficult for residential customers to avoid peak period rates because they do not have the ability to shift or reduce load, according to the order.

"The Department allowed the Companies' proposal to eliminate their optional residential TOU rates in order to consolidate and align their residential rates and tariffs to better achieve the rate structure goal of simplicity," the MDPU said in the order.

Related News

• Electricity Forum News

• Energy Policy News