New Rules for a Future Puerto Rico Microgrid Landscape

Crouching Yeti APT targets energy infrastructure with watering-hole attacks, compromising servers to steal credentials and stage intrusions; Kaspersky Lab links the Energetic Bear group to ICS threats across Russia, US, Europe, and Turkey.

Key Points

Crouching Yeti APT, aka Energetic Bear, is a threat group that targets energy firms using watering-hole attacks.

✅ Targets energy infrastructure via watering-hole compromises

✅ Uses open-source tools and backdoored sshd for persistence

✅ Scans global servers to stage intrusions and steal credentials

A hacker collective known for attacking industrial companies around the world have had some of their infrastructure identified by Russian security specialists.

Kaspersky Lab said that it has discovered a number of servers compromised by the group, belonging to different organisations based in Russia, the US, and Turkey, as well as European countries.

The Russian-speaking hackers, known as Crouching Yeti or Energetic Bear, mostly focus on energy facilities, as seen in reports of infiltration of the U.S. power grid targeting critical infrastructure, for the main purpose of stealing valuable data from victim systems.

Hacked servers

Crouching Yeti is described as an advanced persistent threat (APT) group that Kaspersky Lab has been tracking since 2010.

#google#

Kaspersky Lab said that the servers it has compromised are not just limited to industrial companies. The servers were hit in 2016 and 2017 with different intentions. Some were compromised to gain access to other resources or to be used as intermediaries to conduct attacks on other resources.

Others, including those hosting Russian websites, were used as watering holes.

It is a common tactic for Crouching Yeti to utilise watering hole attacks where the attackers inject websites with a link redirecting visitors to a malicious server.

“In the process of analysing infected servers, researchers identified numerous websites and servers used by organisations in Russia, US, Europe, Asia and Latin America that the attackers had scanned with various tools, possibly to find a server that could be used to establish a foothold for hosting the attackers’ tools and to subsequently develop an attack,” said the security specialists in a blog posting.

“The range of websites and servers that captured the attention of the intruders is extensive,” the firm said. “Kaspersky Lab researchers found that the attackers had scanned numerous websites of different types, including online stores and services, public organisations, NGOs, manufacturing, etc.

Kaspersky Lab said that the hackers used publicly available malicious tools, designed for analysing servers, and for seeking out and collecting information. The researchers also found a modified sshd file with a preinstalled backdoor. This was used to replace the original file and could be authorised with a ‘master password’.

“Crouching Yeti is a notorious Russian-speaking group that has been active for many years and is still successfully targeting industrial organisations through watering hole attacks, among other techniques,” explained Vladimir Dashchenko, head of vulnerability research group at Kaspersky Lab ICS CERT.

Russian government?

“Our findings show that the group compromised servers not only for establishing watering holes, but also for further scanning, and they actively used open-sourced tools that made it much harder to identify them afterwards,” he said.

“The group’s activities, such as initial data collection, the theft of authentication data, and the scanning of resources, are used to launch further attacks,” said Dashchenko. “The diversity of infected servers and scanned resources suggests the group may operate in the interests of the third parties.”

This may well tie into a similar conclusion from a rival security vendor.

In 2014 CrowdStrike claimed that the ‘Energetic Bear’ group was also tracked in Symantec's Dragonfly research and had been hacking foreign companies on behalf of the Russian state.

The security vendor had said the group had been carrying out attacks on foreign companies since 2012, with reports of breaches at U.S. power plants that underscored the campaign, and there was evidence that these operations were sanctioned by the Russian government.

Last month the United States for the first time publicly accused Russia in a condemnation of Russian grid hacking of attacks against the American power grid.

Symantec meanwhile warned last year of a resurgence in cyber attacks on European and US energy companies, including reports of access to U.S. utility control rooms that could result in widespread power outages.

And last July the UK’s National Cyber Security Centre (NCSC) acknowledged it was investigating a broad wave of attacks on companies in the British energy and manufacturing sectors.

Related News

• Electricity Forum News

• Grid Technologies News

Dragonfly energy sector cyberattacks target ICS and SCADA across critical infrastructure, including the power grid and nuclear facilities, using spearphishing, watering-hole sites, supply-chain compromises, malware, and VPN exploits to gain operational access.

Key Points

Dragonfly APT campaigns target energy firms and ICS to gain grid access, risking manipulation and service disruption.

✅ Breaches leveraged spearphishing, watering-hole sites, and supply chains.

✅ Targeted ICS, SCADA, VPNs to pivot into operational networks.

✅ Aimed to enable power grid manipulation and potential outages.

An October, 2017 report by researchers at Symantec Corp., cited by the U.S. government, has linked recent US power grid cyber attacks to a group of hackers it had code-named "Dragonfly", and said it found evidence critical infrastructure facilities in Turkey and Switzerland also had been breached.

The Symantec researchers said an earlier wave of attacks by the same group starting in 2011 was used to gather intelligence on companies and their operational systems. The hackers then used that information for a more advanced wave of attacks targeting industrial control systems that, if disabled, leave millions without power or water.

U.S. intelligence officials have long been concerned about the security of the country’s electrical grid. The recent attacks, condemned by the U.S. government, striking almost simultaneously at multiple locations, are testing the government’s ability to coordinate an effective response among several private utilities, state and local officials, and industry regulators.

#google#

While the core of a nuclear generator is heavily protected, a sudden shutdown of the turbine can trigger safety systems. These safety devices are designed to disperse excess heat while the nuclear reaction is halted, but the safety systems themselves may be vulnerable to attack.

The operating systems at nuclear plants also tend to be legacy controls built decades ago and don’t have digital control systems that can be exploited by hackers.

“Since at least March 2016, Russian government cyber actors… targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors,” according to Thursday’s FBI and Department of Homeland Security report. The report did not say how successful the attacks were or specify the targets, but said that the Russian hackers “targeted small commercial facilities’ networks where they staged malware, conducted spearphishing, and gained remote access into energy sector networks.” At least one target of a string of infrastructure attacks last year was a nuclear power facility in Kansas.

Symantec doesn’t typically point fingers at particular nations in its research on cyberattacks, said Eric Chien, technical director of Symantec’s Security Technology and Response division, though he said his team doesn’t see anything it would disagree with in the new federal report. The government report appears to corroborate Symantec’s research, showing that the hackers had penetrated computers and accessed utility control rooms that would let them directly manipulate power systems, he says.

“There were really no more technical hurdles for them to do something like flip off the power,” he said.

And as for the group behind the attacks, Chien said it appears to be relatively dormant for now, but it has gone quiet in the past only to return with new hacks.

“We expect they’re sort of retooling now, and they likely will be back,”

In some cases, Dragonfly successfully broke into the core systems that control US and European energy companies, Symantec revealed.

“The energy sector has become an area of increased interest to cyber-attackers over the past two years,” Symantec said in its report.

“Most notably, disruptions to Ukraine’s power system in 2015 and 2016 were attributed to a cyberattack and led to power outages affecting hundreds of thousands of people. In recent months, there have also been media reports of attempted attacks on the electricity grids in some European countries, as well as reports of companies that manage nuclear facilities in the US being compromised by hackers.

“The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so. Symantec customers are protected against the activities of the Dragonfly group.”

In recent weeks, senior US intelligence officials said that the Kremlin believes it can launch hacking operations against the West with impunity, including a cyber weapon that can disrupt power grids, according to assessments.

The DHS and FBI report further elaborated: “This campaign comprises two distinct categories of victims: staging and intended targets. The initial victims are peripheral organisations such as trusted third-party suppliers with less-secure networks, referred to as ‘staging targets’ throughout this alert.

“The threat actors used the staging targets’ networks as pivot points and malware repositories when targeting their final intended victims. National Cybersecurity and Communications Integration Center and FBI judge the ultimate objective of the actors is to compromise organisational networks, also referred to as the ‘intended target’.”

According to the US alert, hackers used a variety of attack methods, including spear-phishing emails, watering-hole domains, credential gathering, open source and network reconnaissance, host-based exploitation, and deliberate targeting of ICS infrastructure.

The attackers also targeted VPN software and used password cracking tools.

Once inside, the attackers downloaded tools from a remote server and then carried out a number of actions, including modifying key systems to store plaintext credentials in memory, and built web shells to gain command and control of targeted systems.

“This actors’ campaign has affected multiple organisations in the energy, nuclear, water, aviation, construction and critical manufacturing sectors, with hundreds of victims across the U.S. power grid confirmed,” the DHS said, before outlining a number of steps that IT managers in infrastructure organisations can take to cleanse their systems and defend against Russian hackers. he said.
 

Related News

• Electricity Forum News

• Grid Technologies News

Maryland Community Solar Program enables renters and condo residents to subscribe to offsite solar, earn utility bill discounts, and support projects across BGE, Pepco, Delmarva, and Potomac Edison territories, with low to moderate income participation.

Key Points

A pilot allowing residents to subscribe to offsite solar and get bill credits and savings, regardless of home ownership.

✅ 5-10 percent discounts on standard utility rates

✅ Available in BGE, Pepco, Delmarva, Potomac Edison areas

✅ Includes low and moderate income subscriber carve-outs

Maryland has launched a pilot program that will allow anyone to power their home with solar panels — even if they are renters or condo-dwellers, or live in the shade of trees.

Solar developers are looking for hundreds of residents to subscribe to six power projects planned across the state, including recently announced sites in Owings Mills and Westminster. Their offers include discounts on standard electric rates.

The developers need a critical mass of customers who are willing to buy the projects’ electricity before they can move forward with plans to install solar panels on about 80 acres. Under state rules, the customer base must include low- and moderate-income residents, many of whom face energy insecurity challenges.

The idea of the community solar program is to tap into the pool of residential customers who don’t want to get their energy from fossil fuels but currently have no way to switch to a cleaner alternative.

That could significantly expand demand for solar projects, said Gary Skulnik, a longtime Maryland solar entrepreneur.

Skulnik is now CEO of Neighborhood Sun, a company recruiting customers for the six projects.

“You’re signing up for a project that won’t exist unless we get enough subscribers,” Skulnik said. “You’re actually getting a new project built.”

It could also stoke simmering conflicts over what sort of land is appropriate for solar development.

The General Assembly authorized the community solar pilot program in 2015. But not-in-my-backyard opposition and concerns about the loss of agricultural land have slowed progress.

Community solar could force more communities to confront those sorts of clashes — and to consider more carefully where solar farms belong.

“We are going to see a lot more solar development in the state,” said Megan Billingsley, assistant director of the Valleys Planning Council in Baltimore County. “One of the things we haven’t seen is any direction or thoughtful planning on where we want to see solar development.”

The General Assembly authorized about 200 megawatts in community solar projects — enough to power about 40,000 households — over three years.

Customers can sign up for projects built within the territory of their electric utility. About half of that solar energy load has been allotted for the region served by Baltimore Gas and Electric Co.

By subscribing to a community solar project, customers won’t actually be getting their electricity from its photovoltaic panels. But their payments will help finance it and, in some cases, complementary battery storage solutions as well.

The Public Service Commission has approved six projects so far: Two in BGE territory, in Owings Mills and near Westminster; one in Pepco territory, in Prince George’s County; two in Delmarva Power and Light territory, in Caroline and Worcester counties; and one in Potomac Edison territory, in Washington County where planning officials have developed proposed recommendations.

More projects are expected to win approval in the next two years.

But none of them can be built unless they catch on with electricity customers. The developers are looking for 2,600 customers statewide.

Skulnik would not say how many customers an individual project needs to get the green light. But he said that the Prince George’s proposal, a 25-acre array atop a Fort Washington landfill is the closest, with about 100 subscribers so far.

The terms of subscription vary by project, but discounts range from 5 percent to 10 percent off utility rates. Customers are asked to commit to the projects for as long as 25 years. (They can break the contracts with advance notice, or if they move to a different utility service area.)

Maryland joins more than a dozen states in advancing community solar projects, as scientists work to improve solar and wind power technology.

Corey Ramsden is an executive for Solar United Neighbors, a nonprofit that promotes the solar industry in eight states and the District of Columbia.

He said potential customers are often confused by the mechanics of subscribing to community solar, or hesitant to commit for years or even decades. The industry is working to answer questions and get people more comfortable with the idea, he said.

But it has been a challenge across the country, including debates over New England grid upgrades, and in Maryland. Advocates for solar say there is broad support for renewable energy generation. The state has set goals to increase green energy use and reduce greenhouse gas emissions.

Still, many Marylanders don’t welcome the reality when a project attempts to move in.

Rural land is often the most desirable for solar developers, because it requires the least effort to prepare for an array of panels. But community groups in those areas have asked whether land historically used for farming is right for a more industrial use.

“People are very much in favor of going for a lot more renewables, for whatever reason,” said Dru Schmidt-Perkins, the former president of the land conservation group 1,000 Friends of Maryland. “That support comes to a screeching halt when land that is perceived to be valuable for other things, whether a historic view­shed or farming, suddenly becomes a target of a location for this new project.”

Such concerns have at least temporarily stalled the momentum for solar across the state. Anne Arundel County had at least five small community solar projects in the pipeline in December when officials decided to pause development for eight months. Baltimore County officials imposed a four-month moratorium on solar development before passing an ordinance last year to limit the size and number of solar farms.

Billingsley said the Valley Plannings Council, which advocates for historic and rural areas in western Baltimore County, is frustrated that there hasn’t been more discussion about which areas the county should target for solar development — and which it shouldn’t.

She said she fears that pressure to expand solar farms across rural lands is only going to grow as community solar projects launch, and as lawmakers in Annapolis talk about more policies to promote investment in renewable energy.

Schmidt-Perkins called community solar “an amazing program” for those who would install solar panels on their roofs if they could. But she said its launch heightens the importance of discussions about a broader solar strategy.

“Most communities are caught a little flat-footed on this and are somewhat at the mercy of an industry that’s chomping at the bit,” she said. “It’s time for Maryland to say, ‘Okay, let’s come up with our plan so that we know how much solar can we really generate in this state on lands that are not conflict-based.’”

Related News

• Electricity Forum News

• Renewable Energy News

GMP Tesla Powerwall Program replaces utility meters with smart battery storage, enabling virtual power plant services, demand response, and resilient homes, integrating solar readiness, EV charging support, and smart grid controls across Vermont households.

Key Points

Green Mountain Power uses Tesla Powerwalls as smart meters, creating a VPP for demand response and home backup.

✅ $30 monthly for 10 years or $3,000 upfront for two units

✅ Utility controls batteries for peak shaving and demand response

✅ Enables backup power, solar readiness, and EV charging support

There are more than 100 million single-family homes in the United States of America. If each of these homes were to have two 13.5 kWh Tesla Powerwalls, that would total 2.7 Terawatt-hours worth of electricity stored. Prior research has suggested that this volume of energy storage could get us halfway to the 5.4 TWh of storage needed to let the nation get 80% of its electricity from solar and wind, as states like California increasingly turn to grid batteries to support the transition.

Vermont utility Green Mountain Power (GMP) seeks to remove standard electric utility metering hardware and replace it with the equipment inside of a Tesla Powerwall, as part of a broader digital grid evolution underway. Mary Powell, President and CEO of Green Mountain Power, says, “We have a vision of a battery system in every single home” and they’ve got a patent pending software solution to make it happen.

The Resilient Home program will install two standard Tesla Powerwalls each in 250 homes in GMP’s service area. The homeowner will pay either $30 a month for ten years ($3,600), or $3,000 up front. At the end of the ten year period, payments end, but the unit can stay in the home for an additional five years – or as long as it has a usable life.

A single Powerwall costs approximately $6,800, making this a major discount.

GMP notes that the home must have reliable internet access to allow GMP and Tesla to communicate with the Powerwall. GMP will control the functions of the Powerwall, effectively operating a virtual power plant across participating homes, expanding the scope of programs like those that saved the state’s ratepayers more than $500,000 during peak demand events last year. The utility specifically notes that customers agree to share stored energy with GMP on several peak demand days each year.

The hardware can be designed to interact with current backup generators during power outages, or emerging fuel cell solutions that maintain battery charge longer during extended outages, however, the units will not charge from the generator. As noted the utility will be making use of the hardware during normal operating times, however, during a power outage the private home owner will be able to use the electricity to back up both their house and top off their car.

The utility told pv magazine USA that the Powerwalls are standard from the factory, with GMP’s patent pending software solution being the special sauce (has a hint of recent UL certifications). GMP said the program will also get home owners “adoption ready” for solar power, including microgrid energy storage markets, and other smart devices.

Sonnen’s ecoLinx is already directly interacting with a home’s electrical panel (literally throwing wifi enabled circuit breakers). Now with Tesla Powerwalls being used to replace utility meters, we see one further layer of integration that will lead to design changes that will drive residential solar toward $1/W. Electric utilities are also experimenting with controlling module level electronics and smart solar inverters in 100% residential penetration situations. And of course, considering that California is requiring solar – and probably storage in the future – in all new homes, we should expect to see further experimentation in this model. Off grid solar inverter manufacturers already include electric panels with their offerings.

If we add in the electric car, and have vehicle-to-grid abilities, we start to see a very strong amount of electricity generation and energy storage, helping to keep the lights on during grid stress, potentially happening in more than 100 million residential power plants. Resilient homes indeed.

Related News

• Electricity Forum News

• Grid Technologies News

EV-Driven Electricity Demand Growth will reshape utilities through electrification, EV adoption, grid modernization, and ratebasing of charging, as NREL forecasts rising terawatt-hours, CAGR increases, and demand-side flexibility to manage emissions and reliability.

Key Points

Growth in power consumption fueled by EV adoption and electrification, increasing utility sales and grid investment.

✅ NREL projects 20%-38% higher U.S. load by 2050

✅ Utilities see CAGR up to 1.6% and 80 TWh/year growth

✅ Demand-side flexibility and EV charging optimize grids

Utilities have struggled with flat demand for years, but analysis by the National Renewable Energy Laboratory predicts steady growth across the next three decades — largely driven by the adoption of electric vehicles, including models like the Tesla Model 3 that are reshaping expectations.

The study considers three scenarios, a reference case and medium- and high-adoption electrification predictions. All indicate demand growth, but in the medium and high scenarios for 2050, U.S. electricity consumption increases by 20% and 38%, respectively, compared to business as usual.

Utilities could go from stagnant demand to compound annual growth rates of 1.6%, which would amount to sustained absolute growth of 80 terawatt-hours per year.

"This unprecedented absolute growth in annual electricity consumption can significantly alter supply-side infrastructure development requirements," the report says, and could challenge state power grids in multiple regions.

NREL's Trieu Mai, principal investigator for the study, cautions that more research is needed to fully assess the drivers and impacts of electrification, "as well as the role and value of demand-side flexibility."

"Although we extensively and qualitatively discuss the potential drivers and barriers behind electric technology adoption in the report, much more work is needed to quantitatively understand these factors," Mai said in a statement.

However, utilities have largely bought into the dream.

"Electric vehicles are the biggest opportunity we see right now," Energy Impact Partners CEO Hans Kobler told Utility Dive. And the impact could go beyond just higher kilowattt-hour sales, particularly as electric truck fleets come online.

"When the transportation sector is fully electrified, it will result in around $6 trillion in investment," Kobler said. "Half of that is on the infrastructure side of the utility." And the industry can also benefit through ratebasing charging stations and managing the new demand.

One benefit that NREL's report points to is the possibility of "expanded value streams enabled by electric and/or grid-connected technologies," such as energy storage and mobile chargers that enhance flexibility.

"Many electric utilities are carefully watching the trend toward electrification, as it has the potential to increase sales and revenues that have stagnated or fallen over the past decade," the report said, highlighting potential benefits for all customers as adoption grows. "Beyond power system planning, other motivations to study electrification include its potential to impact energy security, emissions, and innovation in electrical end-use technologies and overall efficient system integration. The impacts of electrification could be far-reaching and have benefits and costs to various stakeholders."

Related News

• Electricity Forum News

• EV Infrastructure News

Maine Climate Council Act targets 80% renewable power by 2030 and 100% by 2050, slashing greenhouse gas emissions via clean electricity, grid procurement, long-term contracts, wind and hydro integration, resilience planning, and carbon sequestration.

Key Points

A Maine policy forming a Climate Council to reach 80% renewables in 2030 100% in 2050 and cut greenhouse gas emissions.

✅ 80% renewable electricity by 2030; 100% by 2050.

✅ 45% GHG cut by 2030; 80% by 2050.

✅ Utility procurement authority for clean capacity and energy.

The winds of change have shifted and are blowing Northward, as Maine’s Governor, Janet T. Mills, has put forth an act establishing a Climate Council to guide the state’s consumption to 80% renewable electricity in 2030 and 100% by 2050, echoing New York's Green New Deal ambitions underway.

The act, LR 2478 (pdf), also sets a goal of reducing greenhouse gas emissions by 45% in 2030 and 80% by 2050. The document will be submitted to the state Legislature for consideration.

The commission would have the authority to direct investor owned transmission and distribution utilities to run competitive procurement processes, and enter into long-term contracts for capacity resources, energy resources, renewable energy credit contracts, and participate in regional programs, as these all lead toward the clean electricity and emissions-reducing goals that mirror California's 100% mandate debates today.

The Climate Council would convene industry working groups, including Scientific and Technical, Transportation, Coastal and Marine, Energy, and Building & Infrastructure working groups, plus others as needed, where examples like New Zealand's electricity transition could inform discussions.

Membership within the council would include two members of the State Senate, two members of the House, a tribal representative, many department commissioners (Education, Defense, Transportation, etc.), multiple directors, business representatives, environmental non-profit members, and climate science and resilience representatives as well.

The council would update the Maine State Climate Plan every four years, and solicit input from the public and report out progress on its goals every two years, similar to planning underway in Minnesota's carbon-free plan framework. The first Climate Action Plan would be submitted to the legislature by December 1, 2020.

Specifically, the responsibilities of the Scientific and Technical Subcommittee were laid out. The group would be scheduled to meet at least every six months, beginning no later than October 1, 2019. The group would be tasked with reviewing existing scientific literature, including net-zero electricity pathways research, to use it as guidance, recognizing gaps in the state’s knowledge, and guiding outside experts to ascertain this knowledge.  The group would consider ocean acidification, and climate change effects on the state’s species; establish science-based sea-level rise projections for the state’s coastal regions by December 1, 2020; create a climate risk map for flooding and extreme weather events; and consider carbon sequestration via biomass growth.

The state’s largest power plants (above image), generate about 31% from gas, 28% from wood and 41% from hydro+wind. Already, the state has a very clean electricity profile, much like efforts to decarbonize Canada's power sector continue apace. Below, the U.S. Energy Information Administration (EIA) notes that 51% of electricity generation within the state comes from mostly wind+hydro, with a small touch from solar power. The state also gets 24% from wood and other biomass, which would lead some to argue that the state is already at 75% “renewable electricity”. The Governor’s document does reference wind power specifically as a renewable, however, no other specific electricity source. And there is much reference to forestry, agriculture, and logging – specifically noting carbon sequestration – but nothing regarding electricity.

The state’s final 25% of electricity mostly comes from natural gas, even as renewable electricity momentum builds across North America, with this author choosing to put “other” under the fossil percentage noted above.

Related News

• Electricity Forum News

• Renewable Energy News