Smart Grid Solutions Using ProFieldMETER™ Technology

Crouching Yeti APT targets energy infrastructure with watering-hole attacks, compromising servers to steal credentials and stage intrusions; Kaspersky Lab links the Energetic Bear group to ICS threats across Russia, US, Europe, and Turkey.

Key Points

Crouching Yeti APT, aka Energetic Bear, is a threat group that targets energy firms using watering-hole attacks.

✅ Targets energy infrastructure via watering-hole compromises

✅ Uses open-source tools and backdoored sshd for persistence

✅ Scans global servers to stage intrusions and steal credentials

A hacker collective known for attacking industrial companies around the world have had some of their infrastructure identified by Russian security specialists.

Kaspersky Lab said that it has discovered a number of servers compromised by the group, belonging to different organisations based in Russia, the US, and Turkey, as well as European countries.

The Russian-speaking hackers, known as Crouching Yeti or Energetic Bear, mostly focus on energy facilities, as seen in reports of infiltration of the U.S. power grid targeting critical infrastructure, for the main purpose of stealing valuable data from victim systems.

Hacked servers

Crouching Yeti is described as an advanced persistent threat (APT) group that Kaspersky Lab has been tracking since 2010.

#google#

Kaspersky Lab said that the servers it has compromised are not just limited to industrial companies. The servers were hit in 2016 and 2017 with different intentions. Some were compromised to gain access to other resources or to be used as intermediaries to conduct attacks on other resources.

Others, including those hosting Russian websites, were used as watering holes.

It is a common tactic for Crouching Yeti to utilise watering hole attacks where the attackers inject websites with a link redirecting visitors to a malicious server.

“In the process of analysing infected servers, researchers identified numerous websites and servers used by organisations in Russia, US, Europe, Asia and Latin America that the attackers had scanned with various tools, possibly to find a server that could be used to establish a foothold for hosting the attackers’ tools and to subsequently develop an attack,” said the security specialists in a blog posting.

“The range of websites and servers that captured the attention of the intruders is extensive,” the firm said. “Kaspersky Lab researchers found that the attackers had scanned numerous websites of different types, including online stores and services, public organisations, NGOs, manufacturing, etc.

Kaspersky Lab said that the hackers used publicly available malicious tools, designed for analysing servers, and for seeking out and collecting information. The researchers also found a modified sshd file with a preinstalled backdoor. This was used to replace the original file and could be authorised with a ‘master password’.

“Crouching Yeti is a notorious Russian-speaking group that has been active for many years and is still successfully targeting industrial organisations through watering hole attacks, among other techniques,” explained Vladimir Dashchenko, head of vulnerability research group at Kaspersky Lab ICS CERT.

Russian government?

“Our findings show that the group compromised servers not only for establishing watering holes, but also for further scanning, and they actively used open-sourced tools that made it much harder to identify them afterwards,” he said.

“The group’s activities, such as initial data collection, the theft of authentication data, and the scanning of resources, are used to launch further attacks,” said Dashchenko. “The diversity of infected servers and scanned resources suggests the group may operate in the interests of the third parties.”

This may well tie into a similar conclusion from a rival security vendor.

In 2014 CrowdStrike claimed that the ‘Energetic Bear’ group was also tracked in Symantec's Dragonfly research and had been hacking foreign companies on behalf of the Russian state.

The security vendor had said the group had been carrying out attacks on foreign companies since 2012, with reports of breaches at U.S. power plants that underscored the campaign, and there was evidence that these operations were sanctioned by the Russian government.

Last month the United States for the first time publicly accused Russia in a condemnation of Russian grid hacking of attacks against the American power grid.

Symantec meanwhile warned last year of a resurgence in cyber attacks on European and US energy companies, including reports of access to U.S. utility control rooms that could result in widespread power outages.

And last July the UK’s National Cyber Security Centre (NCSC) acknowledged it was investigating a broad wave of attacks on companies in the British energy and manufacturing sectors.

Related News

• Electricity Forum News

• Grid Technologies News

Site C Dam Electricity Demand underscores B.C.'s decarbonization path, enabling electrification of EVs, heat pumps, and industry, aligning with BC Hydro forecasts and 2030/2050 GHG targets to supply dependable, renewable baseload power.

Key Points

Projected clean power tied to Site C, driven by B.C. electrification to meet 2030 and 2050 greenhouse gas targets.

✅ Aligns with 25-30% by 2030 and 55-70% by 2050 GHG cuts

✅ Supports EVs, heat pumps, and industrial electrification

✅ Provides dependable baseload alongside efficiency gains

There are valid reasons not to build the Site C dam. There are also valid reasons to build it. One of the latter is the rapid increase in clean electricity needed to reduce B.C.’s greenhouse gas emissions from burning natural gas, gasoline, diesel and other harmful fossil fuel products.

Although former Premier Christy Clark casually avoided near-term emissions targets, Prime Minister Justin Trudeau has set Canadian targets for both 2030 and 2050, and cleaning up Canada's electricity is critical to meeting them. Studies by my research group at Simon Fraser University and other independent analysts show that B.C.’s cost-effective contribution to these national targets requires us to reduce our emissions 25 to 30 per cent by 2030 and 55 to 70 per cent by 2050 — an energy evolution involving, among other things, a much greater use of electricity in buildings, vehicles and industry.

Recent submissions to the Site C hearing have offered widely different estimates of B.C.’s electricity demand in the decade after the project’s completion in 2025, some arguing the dam’s output will be completely surplus to domestic need for years and perhaps decades, even though improved B.C.-Alberta grid links could help balance regional demand. Some of this variation in demand forecasts is understandable. Industrial demand is especially difficult to predict, dependent as it is on global economic conditions and shifting trade relations. And there are legitimate uncertainties about B.C. Hydro’s ability to reduce electricity demand by promoting efficient products and behaviour through its Power Smart program. But some of the forecasts appear to be deliberate exaggerations, designed to support fixed positions for or against Site C.

Our university-based research team models the energy system changes required to meet national and provincial emissions targets, and we have been comparing estimates of the electricity demand implications. These estimates are produced by academics, as well as by key institutions like B.C. Hydro, the National Energy Board, and the governments of Canada and B.C.

Most electricity forecasts for B.C., including the most recent by B.C. Hydro, do not assume that B.C. reduces its greenhouse gas emissions by 25 to 30 per cent by 2030 and 55 to 70 per cent by 2050. When we adjust Hydro’s forecast for just the low end of these targets, we find that in its latest, August 30, submission to the Site C hearing, which followed the premier’s over-budget go-ahead on the project, Hydro has underestimated the demand for its electricity by about three terawatt-hours in 2025, four in 2030 and 10 in 2035. Hydro’s forecast indicates that it will need the five terawatt-hours from Site C. Our research shows that even if Hydro’s demand forecast is too high, appropriate climate policy nationally and in B.C. will absorb all the electricity the dam can produce soon after its completion.

B.C. Hydro does not forecast electricity demand to 2050. But, studies by us and others show that B.C. electricity demand will be almost double today’s levels if we are to reduce emissions by 55 to 70 per cent, even amid a documented risk of missing the 2050 target, in just over three decades while our population, economy, buildings and equipment grow significantly. Most mid- and small-sized vehicles will be electric. Most buildings will be well insulated and heated by electric resistance or electric heat-pumps, either individually or via district heating systems. And many low temperature industrial applications will be electric.

Aggressive efforts to promote energy efficiency will make an important contribution, such that energy demand will not grow nearly as fast as the economy. But it is delusional to think that humans will stop using energy. Even climate policy scenarios in which we assume unprecedented success with energy efficiency show dramatic increases in the consumption of electricity, this being the most favoured zero-emission form of energy as a replacement for planet-destroying gasoline and natural gas.

The completion of the Site C dam is a complicated and challenging societal choice, and delay-related cost risks highlighted by the premier underscore the stakes. There is unbiased evidence and argument supporting either completion or cancellation. But let’s stick to the unbiased evidence. In the case of our 2030 and 2050 greenhouse gas reduction targets, such evidence shows that we must substantially increase our generation of dependable electricity. If the Site C dam is built, and if we are true to our climate goals, all its electricity will be used in B.C. soon after completion.

Mark Jaccard is a professor of sustainable energy in the School of Resource and Environmental Management at Simon Fraser University.

Related News

• Electricity Forum News

• Climate Change News

Western Grid Integration aligns CAISO with a regional transmission operator under FERC oversight, boosting renewables, reliability, and cost savings while respecting state energy policy, emissions goals, and utility regulation across the West.

Key Points

Western Grid Integration lets CAISO operate under FERC to cut costs, boost reliability, and accelerate renewables.

✅ Lowers wholesale costs via wider dispatch and resource sharing

✅ Improves reliability with regional balancing and reserves

✅ Preserves state policy authority under FERC oversight

A strong and timely endorsement for western grid integration forcefully rebuts claims that moving from a balkanized system with 38 separate entities to a regional operation could introduce environmental problems, raise costs, or, as critics warn, export California’s energy policies to other western states, or open state energy and climate policies to challenge by federal regulators. In fact, Yale University’s Environmental Protection Clinic identifies numerous economic and environmental benefits from allowing the California Independent System Operator to become a regional grid operator.

The groundbreaking report comprehensively examines the policy and legal merits of allowing the California Independent System Operator (CAISO) to become a regional grid operator, open to any western utility or generator that wants to join, as similar market structure overhauls proceed in New England.

The Yale report identifies the increasing constraints that today’s fragmented western grid imposes on system-wide electricity costs and reliability, addresses the potential benefits of integration, and evaluates  potential legal risks for the states involved. California receives particular attention because its legislature is considering the first step in the grid integration process, which involves authorizing the CAISO to create a fully independent board, even as it examines revamping electricity rates to clean the grid (other western states are unlikely to approve joining an entity whose governance is determined solely by California’s governor and legislature, as is the case now).

Elements of the report

The analysis examined all of California’s key energy and climate policies, from its cap on carbon emissions to its renewable energy goals and its pollution standards for power plants, and concludes that none would face additional legal risks under a fully integrated western grid. The operator of such a grid would be regulated by an independent federal agency (the Federal Energy Regulatory Commission)—but so is the CAISO itself, now and since its inception, by virtue of its extended involvement in interstate electricity commerce throughout the West. 

And if empowered to serve the entire region, the CAISO would not interfere with the longstanding rights of California and other states to regulate their utilities’ investments or set energy and climate policies. The study points out that grid operators don’t set energy policies for the states they serve; they help those states minimize costs, enhance reliability in the wake of California blackouts across the state, and avoid unnecessary pollution.

And as to whether an integrated grid would help renewable energy or fossil fuels, the report finds that renewable resources would be the inevitable winners, thanks to their lower operating costs, although the most important winners would be western utility customers, through lower bills, expanded retail choice options, and improved reliability.

Call to action

The Yale report concludes with what amounts to a call to action for California’s legislators:

“In sum, enhanced Western grid integration in general, and the emergence of a regional system operator in particular, would not expose California’s clean energy policies to additional legal risks. Shifting to a regional grid operator would enable more efficient, affordable and reliable integration of renewable resources without increasing the legal risk to California’s clean energy policies.”

The authors of the analysis, from the Yale Law School and the Yale School of Forestry and Environmental Studies, are Juliana Brint, Josh Constanti, Franz Hochstrasser. and Lucy Kessler. They dedicated months to the project, consulted with a diverse group of reviewers, and made the trek from New Haven to Folsom, CA, to visit the California Independent System Operator and interview key staff members.

Related News

• Electricity Forum News

• Grid Technologies News

Dragonfly energy sector cyberattacks target ICS and SCADA across critical infrastructure, including the power grid and nuclear facilities, using spearphishing, watering-hole sites, supply-chain compromises, malware, and VPN exploits to gain operational access.

Key Points

Dragonfly APT campaigns target energy firms and ICS to gain grid access, risking manipulation and service disruption.

✅ Breaches leveraged spearphishing, watering-hole sites, and supply chains.

✅ Targeted ICS, SCADA, VPNs to pivot into operational networks.

✅ Aimed to enable power grid manipulation and potential outages.

An October, 2017 report by researchers at Symantec Corp., cited by the U.S. government, has linked recent US power grid cyber attacks to a group of hackers it had code-named "Dragonfly", and said it found evidence critical infrastructure facilities in Turkey and Switzerland also had been breached.

The Symantec researchers said an earlier wave of attacks by the same group starting in 2011 was used to gather intelligence on companies and their operational systems. The hackers then used that information for a more advanced wave of attacks targeting industrial control systems that, if disabled, leave millions without power or water.

U.S. intelligence officials have long been concerned about the security of the country’s electrical grid. The recent attacks, condemned by the U.S. government, striking almost simultaneously at multiple locations, are testing the government’s ability to coordinate an effective response among several private utilities, state and local officials, and industry regulators.

#google#

While the core of a nuclear generator is heavily protected, a sudden shutdown of the turbine can trigger safety systems. These safety devices are designed to disperse excess heat while the nuclear reaction is halted, but the safety systems themselves may be vulnerable to attack.

The operating systems at nuclear plants also tend to be legacy controls built decades ago and don’t have digital control systems that can be exploited by hackers.

“Since at least March 2016, Russian government cyber actors… targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors,” according to Thursday’s FBI and Department of Homeland Security report. The report did not say how successful the attacks were or specify the targets, but said that the Russian hackers “targeted small commercial facilities’ networks where they staged malware, conducted spearphishing, and gained remote access into energy sector networks.” At least one target of a string of infrastructure attacks last year was a nuclear power facility in Kansas.

Symantec doesn’t typically point fingers at particular nations in its research on cyberattacks, said Eric Chien, technical director of Symantec’s Security Technology and Response division, though he said his team doesn’t see anything it would disagree with in the new federal report. The government report appears to corroborate Symantec’s research, showing that the hackers had penetrated computers and accessed utility control rooms that would let them directly manipulate power systems, he says.

“There were really no more technical hurdles for them to do something like flip off the power,” he said.

And as for the group behind the attacks, Chien said it appears to be relatively dormant for now, but it has gone quiet in the past only to return with new hacks.

“We expect they’re sort of retooling now, and they likely will be back,”

In some cases, Dragonfly successfully broke into the core systems that control US and European energy companies, Symantec revealed.

“The energy sector has become an area of increased interest to cyber-attackers over the past two years,” Symantec said in its report.

“Most notably, disruptions to Ukraine’s power system in 2015 and 2016 were attributed to a cyberattack and led to power outages affecting hundreds of thousands of people. In recent months, there have also been media reports of attempted attacks on the electricity grids in some European countries, as well as reports of companies that manage nuclear facilities in the US being compromised by hackers.

“The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so. Symantec customers are protected against the activities of the Dragonfly group.”

In recent weeks, senior US intelligence officials said that the Kremlin believes it can launch hacking operations against the West with impunity, including a cyber weapon that can disrupt power grids, according to assessments.

The DHS and FBI report further elaborated: “This campaign comprises two distinct categories of victims: staging and intended targets. The initial victims are peripheral organisations such as trusted third-party suppliers with less-secure networks, referred to as ‘staging targets’ throughout this alert.

“The threat actors used the staging targets’ networks as pivot points and malware repositories when targeting their final intended victims. National Cybersecurity and Communications Integration Center and FBI judge the ultimate objective of the actors is to compromise organisational networks, also referred to as the ‘intended target’.”

According to the US alert, hackers used a variety of attack methods, including spear-phishing emails, watering-hole domains, credential gathering, open source and network reconnaissance, host-based exploitation, and deliberate targeting of ICS infrastructure.

The attackers also targeted VPN software and used password cracking tools.

Once inside, the attackers downloaded tools from a remote server and then carried out a number of actions, including modifying key systems to store plaintext credentials in memory, and built web shells to gain command and control of targeted systems.

“This actors’ campaign has affected multiple organisations in the energy, nuclear, water, aviation, construction and critical manufacturing sectors, with hundreds of victims across the U.S. power grid confirmed,” the DHS said, before outlining a number of steps that IT managers in infrastructure organisations can take to cleanse their systems and defend against Russian hackers. he said.
 

Related News

• Electricity Forum News

• Grid Technologies News

Alberta Data Centers fuel the digital economy with cloud computing, AI, and streaming, leveraging renewable energy and low-cost power; yet grid capacity, sustainability, efficient cooling, and regulatory frameworks remain critical considerations for reliable growth.

Key Points

Alberta facilities for cloud, AI, and digital services, balancing energy demand, renewable power, and grid reliability.

✅ Low electricity costs and renewables attract hyperscale builds

✅ Grid upgrades needed to meet rising, 24/7 workloads and cooling

✅ Workforce training aligns with IT, HVAC, and electrical roles

As Alberta continues to evolve its energy landscape, the recent surge in data center projects is making headlines. With companies investing heavily in this sector, Alberta is positioning itself as a key player in the digital economy. This trend, however, brings both opportunities and challenges that need careful consideration.

The Digital Economy Boom

Data centers are essential for supporting the growing demands of the digital economy, which includes everything from cloud computing to streaming services and artificial intelligence. As businesses increasingly rely on digital infrastructure, the need for reliable and efficient data centers has skyrocketed. Alberta has become an attractive destination for these facilities due to its relatively low electricity costs, abundant renewable energy resources, and favorable regulatory environment, according to a 2023 clean grids outlook that highlighted the province.

The influx of major tech companies establishing data centers in Alberta not only promises job creation but also contributes to the provincial economy. With investments pouring in, local businesses may see increased opportunities for partnerships, supplies, and services, ultimately benefiting the broader economic landscape, though proposed market changes could influence procurement and siting decisions.

Energy Demand and Infrastructure

While the growth of data centers can drive economic benefits, it also raises important questions about energy demand and infrastructure capacity, questions that have intensified since Kenney-era electricity changes in the sector. Data centers are energy-intensive, often requiring significant amounts of electricity to operate and cool their servers. As these facilities multiply, they will place additional pressure on Alberta's power grid.

The province has made strides in transitioning to renewable energy sources, with a defined path to clean electricity that aligns well with the goals of many data center operators seeking to reduce their carbon footprint. However, the challenge lies in ensuring that the electricity grid can meet the increasing demand without compromising reliability. The integration of more renewable energy into the grid requires careful planning and investment in infrastructure to handle variable supply and maintain a stable energy flow.

Environmental Concerns

The environmental implications of expanding data centers are also a point of concern. While many tech companies prioritize sustainability and aim for carbon neutrality, the reality is that increased energy consumption can contribute to greenhouse gas emissions if not managed properly, especially when regional export restrictions constrain low-carbon power flows. Alberta’s reliance on fossil fuels for a significant portion of its energy supply raises questions about how these data centers will impact the province's climate goals.

To address these concerns, there is a need for policies that encourage the use of renewable energy sources specifically for data center operations. Incentives for companies to invest in green technologies, such as energy-efficient cooling systems or on-site renewable energy generation, could help mitigate the environmental impact.

Workforce Development

Another critical aspect of this data center boom is the potential for job creation. Data centers require a range of skilled workers, from IT professionals to engineers and maintenance staff. However, there is a pressing need for workforce development initiatives to ensure that Albertans are equipped with the necessary skills to fill these roles.

Educational institutions and training programs must adapt to the changing demands of the job market. Collaborations between tech companies and local colleges can foster specialized training programs that prepare workers for careers in this evolving sector. By investing in workforce development, Alberta can maximize the benefits of data center growth while ensuring that its residents are prepared for the jobs of the future.

The Future of Alberta's Data Center Landscape

Looking ahead, Alberta’s data center landscape is poised for continued growth. The province's commitment to diversifying its economy, coupled with its abundant energy resources, makes it an appealing choice for tech companies. However, as the industry expands, careful consideration must be given to energy management, environmental impact, and workforce readiness, especially as Alberta changes how it produces and pays for electricity.

Regulatory frameworks will play a crucial role in shaping the future of data centers in Alberta, as the province pursues a market overhaul that could affect costs and reliability. Policymakers will need to balance the interests of businesses, environmental concerns, and the need for a reliable energy supply. By creating a supportive environment for innovation while addressing these challenges, Alberta can emerge as a leader in the digital economy.

The rise of data centers in Alberta marks an exciting chapter in the province's economic evolution. With the potential for job creation, technological advancement, and economic diversification, the opportunities are significant. However, it is essential to navigate the associated challenges thoughtfully. By prioritizing sustainability, infrastructure investment, and workforce development, Alberta can harness the full potential of this burgeoning sector, positioning itself as a key player in the global digital landscape.

Related News

• Electricity Forum News

• Energy Policy News

Dewa-China Renewable Energy Partnership advances solar, clean energy, smart grid, 5G, cloud, and Big Data, linking Dewa with Hanergy and Huawei for R&D, smart meters, demand management, and resilient network infrastructure.

Key Points

A Dewa collaboration with Hanergy and Huawei to co-develop solar, smart grid, 5G, cloud, and resilient utility networks.

✅ MoU expands solar PV and distributed generation in Dubai and China

✅ Smart grid R&D: smart meters, demand response, self-healing networks

✅ 5G, cloud, and Big Data enable secure, scalable smart city services

A high-level delegation from Dubai Electricity and Water Authority (Dewa) recently visited China in bid to build closer ties with Chinese renewable and clean energy and smart services and smart grid companies, amid broader power grid modernization in Asia trends.

The team led by the managing director and CEO Saeed Mohammed Al Tayer visited the headquarters of Hanergy Holding Group, one of the largest international companies in alternative and renewable energy, in Beijing.

The visit complements the co-operation between Dewa and Hanergy after the signing MoU between the two sides last May, said a statement from Dewa.

The two parties focused on renewable and clean energy and its development, including efforts to integrate solar into the grid through advanced programs, and enhancing opportunities for joint investment.

Al Tayer also visited the Exhibition Hall and Exhibition Centre of the Hanergy Clean Energy Exhibition spread over a 7,000-sq-m area at the Beijing Olympic Park.

He discussed solar power technologies and applications, which included integrated photovoltaic panels and their distribution on the roofs of industrial and residential buildings, residential and mobile power systems, micro-grid installations in remote regions, solar-powered vehicles, and various elements of the exhibition.

Al Tayer and the accompanying delegation later visited the Beijing R&D Centre, which is one of Huaweis largest research institutes, known for Huawei smart grid initiatives across global markets, that employs over 12,000 people. The centre covers the latest pre-5G solutions, Cloud, Big Data, as well as vertical solutions for a smart and safe city.

"The visit is part of a joint venture with Huawei, which includes R&D projects to develop smart network infrastructures and various mechanisms and technologies, aligned with recent U.S. grid improvement funding initiatives, such as smart meters for electricity and water services, energy demand management, and self-recovery mechanisms from errors and disasters," he added.

Related News

• Electricity Forum News

• Renewable Energy News