More stability for electricity consumers

Russian Cyberattacks on U.S. Critical Infrastructure target energy grids, nuclear plants, water systems, and aviation, DHS and FBI warn, using spear phishing, malware, and ICS/SCADA intrusion to gain footholds for potential sabotage and disruption.

Key Points

State-backed hacks targeting U.S. energy, nuclear, water and aviation via phishing and ICS access for sabotage.

✅ DHS and FBI detail multi-stage intrusion since 2016

✅ Targets include energy, nuclear, water, aviation, manufacturing

✅ TTPs: spear phishing, lateral movement, ICS reconnaissance

Russia is attacking the U.S. energy grid, with reported power plant breaches unfolding alongside attacks on nuclear facilities, water processing plants, aviation systems, and other critical infrastructure that millions of Americans rely on, according to a new joint analysis by the FBI and the Department of Homeland Security.

In an unprecedented alert, the US Department of Homeland Security (DHS) and FBI have warned of persistent attacks by Russian government hackers on critical US government sectors, including energy, nuclear, commercial facilities, water, aviation and manufacturing.

The alert details numerous attempts extending back to March 2016 when Russian cyber operatives targeted US government and infrastructure.

The DHS and FBI said: “DHS and FBI characterise this activity as a multi-stage intrusion campaign by Russian government cyber-actors who targeted small commercial facilities’ networks, where they staged malware, conducted spear phishing and gained remote access into energy sector networks.

“After obtaining access, the Russian government cyber-actors conducted network reconnaissance, moved laterally and collected information pertaining to industrial control systems.”

The Trump administration has accused Russia of engineering a series of cyberattacks that targeted American and European nuclear power plants and water and electric systems, and could have sabotaged or shut power plants off at will.

#google#

United States officials and private security firms saw the attacks as a signal by Moscow that it could disrupt the West’s critical facilities in the event of a conflict.

They said the strikes accelerated in late 2015, at the same time the Russian interference in the American election was underway. The attackers had compromised some operators in North America and Europe by spring 2017, after President Trump was inaugurated.

In the following months, according to the DHS/FBI report, Russian hackers made their way to machines with access to utility control rooms and critical control systems at power plants that were not identified. The hackers never went so far as to sabotage or shut down the computer systems that guide the operations of the plants.

Still, new computer screenshots released by the Department of Homeland Security have made clear that Russian state hackers had the foothold they would have needed to manipulate or shut down power plants.

“We now have evidence they’re sitting on the machines, connected to industrial control infrastructure, that allow them to effectively turn the power off or effect sabotage,” said Eric Chien, a security technology director at Symantec, a digital security firm.

“From what we can see, they were there. They have the ability to shut the power off. All that’s missing is some political motivation,” Mr. Chien said.

American intelligence agencies were aware of the attacks for the past year and a half, and the Department of Homeland Security and the F.B.I. first issued urgent warnings to utility companies in June, 2017. Both DHS/FBI have now offered new details as the Trump administration imposed sanctions against Russian individuals and organizations it accused of election meddling and “malicious cyberattacks.”

It was the first time the administration officially named Russia as the perpetrator of the assaults. And it marked the third time in recent months that the White House, departing from its usual reluctance to publicly reveal intelligence, blamed foreign government forces for attacks on infrastructure in the United States.

In December, the White House said North Korea had carried out the so-called WannaCry attack that in May paralyzed the British health system and placed ransomware in computers in schools, businesses and homes across the world. Last month, it accused Russia of being behind the NotPetya attack against Ukraine last June, the largest in a series of cyberattacks on Ukraine to date, paralyzing the country’s government agencies and financial systems.

But the penalties have been light. So far, President Trump has said little to nothing about the Russian role in those attacks.

The groups that conducted the energy attacks, which are linked to Russian intelligence agencies, appear to be different from the two hacking groups that were involved in the election interference.

That would suggest that at least three separate Russian cyberoperations were underway simultaneously. One focused on stealing documents from the Democratic National Committee and other political groups. Another, by a St. Petersburg “troll farm” known as the Internet Research Agency, used social media to sow discord and division. A third effort sought to burrow into the infrastructure of American and European nations.

For years, American intelligence officials tracked a number of Russian state-sponsored hacking units as they successfully penetrated the computer networks of critical infrastructure operators across North America and Europe, including in Ukraine.

Some of the units worked inside Russia’s Federal Security Service, the K.G.B. successor known by its Russian acronym, F.S.B.; others were embedded in the Russian military intelligence agency, known as the G.R.U. Still others were made up of Russian contractors working at the behest of Moscow.

Russian cyberattacks surged last year, starting three months after Mr. Trump took office.

American officials and private cybersecurity experts uncovered a series of Russian attacks aimed at the energy, water and aviation sectors and critical manufacturing, including nuclear plants, in the United States and Europe. In its urgent report in June, the Department of Homeland Security and the F.B.I. notified operators about the attacks but stopped short of identifying Russia as the culprit.

By then, Russian spies had compromised the business networks of several American energy, water and nuclear plants, mapping out their corporate structures and computer networks.

They included that of the Wolf Creek Nuclear Operating Corporation, which runs a nuclear plant near Burlington, Kan. But in that case, and those of other nuclear operators, Russian hackers had not leapt from the company’s business networks into the nuclear plant controls.

Forensic analysis suggested that Russian spies were looking for inroads — although it was not clear whether the goal was to conduct espionage or sabotage, or to trigger an explosion of some kind.

In a report made public in October, Symantec noted that a Russian hacking unit “appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so.”

The United States sometimes does the same thing. It bored deeply into Iran’s infrastructure before the 2015 nuclear accord, placing digital “implants” in systems that would enable it to bring down power grids, command-and-control systems and other infrastructure in case a conflict broke out. The operation was code-named “Nitro Zeus,” and its revelation made clear that getting into the critical infrastructure of adversaries is now a standard element of preparing for possible conflict.

Reconstructed screenshot fragments of a Human Machine Interface that the threat actors accessed, according to DHS

Sanctions Announced

The US treasury department has imposed sanctions on 19 Russian people and five groups, including Moscow’s intelligence services, for meddling in the US 2016 presidential election and other malicious cyberattacks.

Russia, for its part, has vowed to retaliate against the new sanctions.

The new sanctions focus on five Russian groups, including the Russian Federal Security Service, the country’s military intelligence apparatus, and the digital propaganda outfit called the Internet Research Agency, as well as 19 people, some of them named in the indictment related to election meddling released by special counsel Robert Mueller last month.

In announcing the sanctions, which will generally ban U.S. people and financial institutions from doing business with those people and groups, the Treasury Department pointed to alleged Russian election meddling, involvement in the infrastructure hacks, and the NotPetya malware, which the Treasury Department called “the most destructive and costly cyberattack in history.”

The new sanctions come amid ongoing criticism of the Trump administration’s reluctance to punish Russia for cyber and election meddling. Sen. Mark Warner (D-Va.) said that, ahead of the 2018 mid-term elections, the administration’s decision was long overdue but not enough. “Nearly all of the entities and individuals who were sanctioned today were either previously under sanction during the Obama Administration, or had already been charged with federal crimes by the Special Counsel,” Warner said.

Warning: The Russians Are Coming

In an updated warning to utility companies, DHS/FBI officials included a screenshot taken by Russian operatives that proved they could now gain access to their victims’ critical controls, prompting a renewed focus on protecting the U.S. power grid among operators.

American officials and security firms, including Symantec and CrowdStrike, believe that Russian attacks on the Ukrainian power grid in 2015 and 2016 that left more than 200,000 citizens there in the dark are an ominous sign of what the Russian cyberstrikes may portend in the United States and Europe in the event of escalating hostilities.

Private security firms have tracked the Russian government assaults on Western power and energy operators — conducted alternately by groups under the names Dragonfly campaigns alongside Energetic Bear and Berserk Bear — since 2011, when they first started targeting defense and aviation companies in the United States and Canada.

By 2013, researchers had tied the Russian hackers to hundreds of attacks on the U.S. power grid and oil and gas pipeline operators in the United States and Europe. Initially, the strikes appeared to be motivated by industrial espionage — a natural conclusion at the time, researchers said, given the importance of Russia’s oil and gas industry.

But by December 2015, the Russian hacks had taken an aggressive turn. The attacks were no longer aimed at intelligence gathering, but at potentially sabotaging or shutting down plant operations.

At Symantec, researchers discovered that Russian hackers had begun taking screenshots of the machinery used in energy and nuclear plants, and stealing detailed descriptions of how they operated — suggesting they were conducting reconnaissance for a future attack.

Eventhough the US government enacted sanctions, cybersecurity experts are still questioning where the Russian attacks could lead, given that the United States was sure to respond in kind.

“Russia certainly has the technical capability to do damage, as it demonstrated in the Ukraine,” said Eric Cornelius, a cybersecurity expert at Cylance, a private security firm, who previously assessed critical infrastructure threats for the Department of Homeland Security during the Obama administration.

“It is unclear what their perceived benefit would be from causing damage on U.S. soil, especially given the retaliation it would provoke,” Mr. Cornelius said.

Though a major step toward deterrence, publicly naming countries accused of cyberattacks still is unlikely to shame them into stopping. The United States is struggling to come up with proportionate responses to the wide variety of cyberespionage, vandalism and outright attacks.

Lt. Gen. Paul Nakasone, who has been nominated as director of the National Security Agency and commander of United States Cyber Command, the military’s cyberunit, said during his recent Senate confirmation hearing, that countries attacking the United States so far have little to worry about.

“I would say right now they do not think much will happen to them,” General Nakasone said. He later added, “They don’t fear us.”

Related News

• Electricity Forum News

• Grid Technologies News

EU Smart Meter Analytics integrates AMI data with grid edge platforms, enabling back-office efficiency, revenue assurance, and customer insights via cloud and PaaS solutions, while system integration cuts costs and improves utility performance.

Key Points

EU smart meter analytics uses AMI data and cloud to improve utility performance, revenue assurance, and outcomes.

✅ AMI underpins grid edge analytics and utility IT/OT integration

✅ Cloud and PaaS reduce costs and scale data-driven applications

✅ Focus shifts from meter rollout to back-office and revenue analytics

Europe's investment in smart meters has begun to open up the market for analytics that benefit both utilities and customers.

Two new reports from GTM Research demonstrate the substantial investment in both advanced metering infrastructure (AMI) and specific customer analytics segments -- the first report analyzes the progress of AMI deployment in Europe, while the second is a comprehensive assessment of analytics use cases, including AI in utility operations, enabled by or interacting with AMI.

The Third Energy Package mandated EU member states to perform a cost-benefit analysis to evaluate the economic viability of deploying smart meters and broader grid modernization costs across member states. Two-thirds of the member states found there was a net positive result, while seven members found negative or inconclusive results.

“The mandate spurred AMI deployment in the EU, but all member states are deploying some AMI. Even without an overall positive cost-benefit outcome, utilities found pockets of customers where there is a positive business case for AMI,” said Paulina Tarrant, research associate at GTM Research and lead author of “Racing to 2020: European Policy, Deployment and Market Share Primer.”

Annual AMI contracting peaked in 2013 -- two years after the mandate -- with 29 million contracted that year. Today, 100 million meters have been contracted overall. As member states reach their respective targets, the AMI market will cool in Europe and spending on analytics and applications will continue to ramp up, aligning with efforts to invest in smarter infrastructure across the sector, Tarrant noted.

Between 2017 and 2021, more than $30 billion will be spent on utility back-office and revenue-assurance analytics in the EU, reflecting the shift toward the digital grid architecture, according to GTM Research’s Grid Edge Customer Utility Analytics Ecosystems: Competitive Analysis, Forecasts and Case Studies.

The report examines the broad landscape of customer analytics showing how AMI interacts with the larger IT/OT environment of a utility.

“The benefits of AMI expand beyond revenue assurance -- in fact, AMI represents the backbone of many customer utility analytics and grid edge solutions,” said Timotej Gavrilovic, author of the Grid Edge Customer Utility Ecosystems report.

Integration is key, according to the report.

“Technology providers are integrating data sets, solutions and systems and partnering with others to provide a one-stop shop serving broad utility needs, increasing efficiencies and reducing costs,” Gavrilovic said. “Cloud-based deployments and platform-as-a-service offerings are becoming commonplace, creating an opportunity for utilities to balance the cost versus performance tradeoff to optimize their analytics systems and applications.”

A diverse array of customer analytics applications is a critical foundation for demonstrating the positive cost-benefit of AMI.

“Advanced analytics and applications are key to ensuring that AMI investments provide a positive return after smart meters are initiated,” said Tarrant. “Improved billing and revenue assurance was not enough everywhere to show customer benefit -- these analytics packages will leverage the distributed network infrastructure, including advanced inverters used with distributed energy resources, and subsequent increased data access, uniting the electricity markets of the EU.”

Related News

• Electricity Forum News

• Grid Technologies News

ComEd Hosting Capacity Map helps Illinois communities assess photovoltaic capacity, distributed energy resources, interconnection limits, and grid planning needs, guiding developers and policymakers on siting solar, net metering feasibility, and RPS-aligned deployment by circuit.

Key Points

An online tool showing circuit-level DER capacity, PV limits, and interconnection readiness across ComEd.

✅ Circuit-level estimates of solar hosting capacity

✅ Guides siting, interconnection, and net metering

✅ Supports RPS goals with grid planning insights

As the Illinois solar market grows from the Future Energy Jobs Act, the largest utility in the state has posted a planning tool to identify potential PV capacity in their service territory. ComEd, a Northern Illinois subsidiary of Exelon, has a hosting capacity website for its communities indicating how much photovoltaic capacity can be sited in given areas, based on the existing electrical infrastructure, as utilities pilot virtual power plant programs that leverage distributed resources.

According to ComEd’s description, “Hosting Capacity is an estimate of the amount of DER [distributed energy resources] that may be accommodated under current configurations at the overall circuit level without significant system upgrades to address adverse impacts to power quality or reliability.” This website will enable developers and local decision makers to estimate how much solar could be installed by township, sections and fractions of sections as small as ½ mile by ½ mile and to gauge EV charging impacts with NREL's projection tool for distribution planning. The map sections indicate potential capacity by AC kilowatts with a link to to ComEd’s recently upgraded Interconnection and Net Metering homepage.

The Hosting Map can provide insight into how much solar can be installed in which locations in order to help solar reach a significant portion of the Illinois Renewable Portfolio Standard (RPS) of 25% electricity from renewable sources by 2025, and to plan for transportation electrification as EV charging infrastructure scales across utility territories. For example, the 18 sections of Oak Park Township capacity range from 612 to 909 kW, and total 13,260 kW of photovoltaic power. That could potentially generate around 20 million kWh, and policy actions such as the CPUC-approved PG&E EV program illustrate how electrification initiatives may influence future demand. Oak Park, according to the PlanItGreen Report Card, a joint project of the Oak Park River Forest Community Foundation and Seven Generations Ahead, uses about 325 million kWh.

Based on ComEd’s Hosting Capacity, Oak Park could generate about 6% of its electricity from solar power located within its borders. Going significantly beyond this amount would likely require a combination of upgrades by ComEd’s infrastructure, potentially higher interconnection costs and deployment of technologies like energy storage solutions. What this does indicate is that a densely populated community like Oak Park would most likely have to get the majority of its solar and renewable electricity from outside its boundaries to reach the statewide RPS goal of 25%. The Hosting Capacity Map shows a considerable disparity among communities in ½ mile by ½ mile sections with some able to host only 100-200 kWs to some with capacities of over 3,000 kW.

Related News

• Electricity Forum News

• Renewable Energy News

Smart solar inverters anchor DER communications and control, meeting IEEE 1547 and California Rule 21 for volt/VAR, reactive power, and ride-through, expanding hosting capacity and enabling grid services via secure real-time telemetry and commands.

Key Points

Smart solar inverters use IEEE 1547, volt/VAR and reactive power to stabilize circuits and integrate DER safely.

✅ Meet IEEE 1547, Rule 21 ride-through and volt/VAR functions

✅ Support reactive power to manage voltage and hosting capacity

✅ Enable utility communications, telemetry, and grid services

Advanced solar inverters could be one of the biggest distributed energy resource communications and control points out there someday. With California now requiring at least early-stage “smart” capabilities from all new solar projects — and a standards road map for next-stage efforts like real-time communications and active controls — this future now has a template.

There are still a lot of unanswered questions about how smart inverters will be used.

That was the consensus at Intersolar this week, where experts discussed the latest developments on the U.S. smart solar inverter front. After years of pilot projects, multi-stakeholder technical working groups, and slow and steady standards development, solar smart inverters are finally starting to hit the market en masse — even if it’s not yet clear just what will be done with them once they’re installed.

“From the technical perspective, the standards are firm,” Roger Salas, distribution engineering manager for Southern California Edison, said. In September of last year, his utility started requiring that all new solar installations come with “Phase 1" advanced inverter functionality, as defined under the state’s Rule 21.

Later this month, it’s going to start requiring “reactive power priority” for these inverters, and in February 2019, it’s going to start requiring that inverters support the communications capabilities described in “Phase 2,” as well as some more advanced “Phase 3” capabilities.

Increasing hosting capacity: A win-win for solar and utilities

Each of these phases aligns with a different value proposition for smart inverters. The first phase is largely preventative, aimed at solving the kinds of problems that have forced costly upgrades to how inverters operate in solar-heavy Germany and Hawaii.

The key standard in question in the U.S. is IEEE 1547, which sets the rules for what grid-connected DERs must do to stay safe, such as trip offline when the grid goes down, or avoid overloading local transformers or circuits.

The old version of the standard, however, had a lot of restrictive rules on tripping off during relatively common voltage excursions, which could cause real problems on circuits with a lot of solar dropping off all at once.

Phase 1 implementation of IEEE 1547 is all about removing these barriers, Salas said. “They need to be stable, they need to be connected, they need to be able to support the grid.”

This should increase hosting capacity on circuits that would have otherwise been constrained by these unwelcome behaviors, he said.

Reactive power: Where utility and solar imperatives collide

The old versions of IEEE 1547 also didn’t provide rules for how inverters could use one of their more flexible capabilities: the ability to inject or absorb reactive power to mitigate voltage fluctuations, including those that may be caused by the PV itself. The new version opens up this capability, which could allow for an active application of reactive power to further increase hosting capacity, as well as solve other grid edge challenges for utilities.

But where utilities see opportunity, the solar industry sees a threat. Every unit of reactive power comes at the cost of a reduction in the real power output of solar inverters — and almost every solar installation out there is paid based on the real power it produces.

“If you’re tasked to do things that rob your energy sales, that will reduce compensation,” noted Ric O'Connell, executive director of the Oakland, Calif.-based GridLab. “And a lot of systems have third-party owners — the Sunruns, the Teslas — with growing Powerwall fleets — that have contracts, performance guarantees, and they want to get those financed. It’s harder to do that if there’s uncertainty in the future with curtailment."

“That’s the bottleneck right now,” said Daniel Munoz-Alvarez, a GTM Research grid edge analyst. “As we develop markets on the retail end for ...volt/VAR control to be compensated on the grid edge and that is compensated back to the customer, then the customer will be more willing to allow the utility to control their smart inverters or to allow some automation.”

But first, he said, “We need some agreed-upon functions.”

The future: Communications, controls and DER integration

The next stage of smart inverter functionality is establishing communications with the utility. After that, utilities will be able use them to monitor key DER data, or issue disconnect and reconnect commands in emergencies, as well as actively orchestrate other utility devices and systems through emerging virtual power plant strategies across their service areas.

This last area is where Salas sees the greatest opportunity to putting mass-market smart solar inverters to use. “If you want to maximize the DERs and what they can do, the need information from the grid. And DERs provide operational and capability information to the utility.”

Inverter makers have already been forced by California to enable the latest IEEE 1547 capabilities into their existing controls systems — but they are clearly embracing the role that their devices can play on the grid as well. Microinverter maker Enphase leveraged its work in Hawaii into a grid services business, seeking to provide data to utilities where they already had a significant number of installations. While Enphase has since scaled back dramatically, its main rival SolarEdge has taken up the same challenge, launching its own grid services arm earlier this summer.

Inverters have been technically capable of doing most of these things for a long time. But utilities and regulators have been waiting for the completion of IEEE 1547 to move forward decisively. Patrick Dalton, senior engineer for Xcel Energy, said his company’s utilities in Colorado and Minnesota are still several years away from mandating advanced inverter capabilities and are waiting for California’s energy transition example in order to choose a path forward.

In the meantime, it’s possible that Xcel's front-of-meter volt/VAR optimization investments in Colorado, including grid edge devices from startup Varentec, could solve many of the issues that have been addressed by smart inverter efforts in Hawaii and California, he noted.

The broader landscape for rolling out smart inverters for solar installations hasn’t changed much, with Hawaii and California still out ahead of the pack, while territories such as Puerto Rico microgrid rules evolve to support resilience. Arizona is the next most important state, with a high penetration of distributed solar, a contentious policy climate surrounding its proper treatment in future years, and a big smart inverter pilot from utility Arizona Public Service to inform stakeholders.

All told, eight separate smart inverter pilots are underway across eight states at present, according to GTM Research: Pacific Gas & Electric and San Diego Gas & Electric in California; APS and Salt River Project in Arizona; Hawaiian Electric in Hawaii; Duke Energy in North Carolina; Con Edison in New York; and a three-state pilot funded by the Department of Energy’s SunShot program and led by the Electric Power Research Institute.

Related News

• Electricity Forum News

• Grid Technologies News

Ontario-Quebec Electricity Deal explores hydro imports, terawatt hours, electricity costs, greenhouse gas cuts, and baseload impacts, amid debates on Pickering nuclear operations and competitive procurement in Ontario's long-term energy planning.

Key Points

A proposed hydro import deal from Quebec, balancing costs, emissions, and reliability for Ontario electricity customers.

✅ Draft 20-year, 8 TWh offer reported by La Presse disputed

✅ Ontario seeks lower costs and GHG cuts versus alternatives

✅ Not a baseload replacement; Pickering closure not planned

Ontario is negotiating a possible energy swap agreement to buy electricity from Quebec, but the government is disputing a published report that it is preparing to sign a deal for enough electricity to power a city the size of Ottawa.

La Presse reported Tuesday that it obtained a copy of a draft, 20-year deal that says Ontario would buy eight terawatt hours a year from Quebec – about 6 per cent of Ontario’s consumption – whether the electricity is consumed or not.

Ontario Energy Minister Glenn Thibeault’s office said the province is in discussions to build on an agreement signed last year for Ontario to import up to two terawatt hours of electricity a year from Quebec.

But his office released a letter dated late last month to his Quebec counterpart, in which Mr. Thibeault said the offer extended in June was unacceptable because it would increase the average residential electricity bill by $30 a year.

“I am hopeful that your continued support and efforts will help to further discussions between our jurisdictions that could lead to an agreement that is in the best interest of both Ontario and Quebec,” Mr. Thibeault wrote July 27 to Pierre Arcand.

Ontario would prepare a “term sheet” for the next stage of discussions ahead of the two ministers meeting at the Energy and Mines Ministers Conference later this month in New Brunswick, Mr. Thibeault wrote.

Any future agreements with Quebec will have to provide a reduction in Ontario electricity rates compared with other alternatives and demonstrate measurable reductions in greenhouse gas emissions, he wrote.

Progressive Conservative Leader Patrick Brown said Ontario doesn’t need eight terawatt hours of additional power and suggested it means the Liberal government is considering closing power facilities such as the Pickering nuclear plant early.

A senior Energy Ministry official said that is not on the table. The government has said it intends to keep operating two units at Pickering until 2022, and the other four units until 2024.

Even if the Quebec offer had been accepted, the energy official said, that power wouldn’t have replaced any of Ontario’s baseload power because it couldn’t have been counted on 24 hours a day, 365 days a year.

The Society of Energy Professionals said Mr. Thibeault was right to reject the deal, but called on him to release the Long-Term Energy Plan – which was supposed to be out this spring – before continuing negotiations.

Some commentators have argued for broader reforms to address Ontario's hydro system challenges, urging policymakers to review all options as negotiations proceed.

The Ontario Energy Association said the reported deal would run counter to the government’s stated energy objectives amid concerns over electricity prices in the province.

“Ontarians will not get the benefit of competition to ensure it is the best of all possible options for the province, and companies who have invested in Ontario and have employees here will not get the opportunity to provide alternatives,” president and chief executive Vince Brescia said in a statement. “Competitive processes should be used for any new significant system capacity in Ontario.”

The Association of Power Producers of Ontario said it is concerned the government is even considering deals that would “threaten to undercut a competitive marketplace and long-term planning.”

“Ontario already has a surplus of energy, so it’s very difficult to see how this deal or any other sole-source deal with Quebec could benefit the province and its ratepayers,” association president and CEO David Butters said in a statement.

The Ontario Waterpower Association also said such a deal with Quebec would “present a significant challenge to continued investment in waterpower in Ontario.”

Related News

• Electricity Forum News

• Energy Policy News

Russian cyberattacks on U.S. power grid exposed DHS warnings: Dragonfly/Energetic Bear breached control rooms, ICS networks, and could trigger blackouts via switch manipulation, phishing, and malware, threatening critical infrastructure and utility operations nationwide.

Key Points

State-backed breaches of utility ICS and control rooms enabled potential switch manipulation and blackouts.

✅ DHS: Dragonfly/Energetic Bear breached utility networks

✅ Access reached control rooms and ICS for switch control

✅ Ongoing campaign via phishing, malware, lateral movement

Russian hackers for a state-sponsored organization invaded hundreds of control rooms of U.S. electric utilities that could have led to blackouts, a new report says.

The group, known as Dragonfly or Energetic Bear, infiltrated networks of U.S. utilities as part of an effort that is likely ongoing, Department of Homeland Security officials told the Wall Street Journal.

Jonathan Home, chief of industrial-control-system analysis for DHS, said the hackers “got to the point where they could have thrown switches” and upset power flows.

Although the agency did not disclose which companies were impacted, the officials at a briefing Monday said that there were “hundreds of victims” including breaches at power plants across the U.S., and that some companies may not be aware that hackers infiltrated their networks yet.

According to experts, Russia has been preparing for such attacks for some time now, prompting a renewed focus on protecting the grid among utilities and policymakers.

“They’ve been intruding into our networks and are positioning themselves for a limited or widespread attack,” said former Deputy Assistant Defense Secretary Michael Carpenter, now senior director at the Penn Biden Center at the University of Pennsylvania, per the Wall Street Journal. “They are waging a covert war on the West.”

Earlier this year, the Trump administration claimed Russia had staged a power grid hacking campaign against the U.S. energy grid and other U.S. infrastructure.

The report comes after President Trump told reporters last week during a joint press conference in Helsinki alongside Russian President Vladimir Putin that he had no reason not to believe the Russian leader's assurances to him that the Kremlin was not to blame for interference in the election.

Trump later admitted that he misspoke when he said he didn’t “see any reason why” Russia would have meddled in the 2016 election, and said he believes the U.S. intelligence community assessment that found that the Russian government did interfere in the electoral process.

Related News

• Electricity Forum News

• Grid Technologies News