New report claims "massive, sustained" cyber-espionage targeting energy sector


Quick Take: Just last week we wrote that Chinese cyberattacks against U.S. power plants could trigger retaliation and last month we told you about the Pentagon promising a massive response to increasing cybersecurity attacks and a warning that 40% of all cyber attacks are against energy. In fact we have been warning for quite some time that it is time to move away from minimum-I-can-get-away-with security to what-I-need-to-stay-safe-
against-rising-threats security. Now here is further proof. Don't be the utility that ignored the warnings and becomes the example for what not to do and the target for angry policymakers. Don't be that utility. - Jesse Berst


The 2013 National Intelligence Estimate paints a picture of a massive and sustained cyber-espionage campaign that threatens U.S. economic competitiveness, sources familiar with the report told The Washington Post.  


According to the Post account, the report claims that for the past five years hackers have focused on the energy industry and a number of other sectors to gain access to data for economic advantage. It identifies China as most aggressive, but also names three other countries it says are involved to a much lesser degree - Russia, Israel and France.


The Post says the new report represents the consensus view of the intelligence community and quotes an unnamed administration official as saying cyber-espionage is "just so widespread that it’s known to be a national issue at this point."


The Post reports that later this week the White House is expected to issue an executive order on cybersecurity that calls for voluntary standards for critical private-sector computer systems.


Security expert Andy Bochman, who is Energy Security Lead for IBM's Systems Security, has contributed a number of articles for SGN on ways utilities may be vulnerable to hacking and other security risks. Given the intensity surrounding the topic right now, we thought it might be worth revisiting a few of them:


·         Security Double Dutch: Critical infrastructure gaps in the Netherlands highlighted

·         DoD software assurance for electric sector security?

·         So much new SCADA goodness (but so few words on security)

·         Smart grid security and why breach practice makes sense)



Jesse Berst is the founder and chief analyst of Smart Grid, the industry's oldest and largest smart grid site. A frequent keynoter at industry events in the U.S. and abroad, he also serves on advisory committees for Pacific Northwest National Laboratory and the Institute for Electric Efficiency. He often provides strategic consulting to large corporations and venture-backed startups. He is a member of the advisory boards of GridGlo and Calico Energy Services.

Filed Under