The energy and utilities industries remain ripe targets for cyberattacks, particularly the industrial control systems within power plants and other energy facilities. Indeed, in March 2018, the Department of Homeland Security reported that it, along with the FBI, had determined that “Russian government cyber actors” had launched “a multi-stage intrusion campaign” that targeted the networks of small commercial facilities in the energy and other critical infrastructure sectors.
While the Department of Energy’s Sandia National Laboratories are working on next-generation cybersecurity systems to fool hackers, the agency is not taking its eye off the ball when it comes to the broader IT security picture for the energy sector.
Last year, the department stood up its Office of Cybersecurity, Energy Security, and Emergency Response, or CESER, to lead and coordinate the agency’s response to attacks and disruptions in the energy sector. President Donald Trump included $96 million in the fiscal 2019 budget request to launch the office.
“We all see the magnitude and sophistication of the threats facing our energy infrastructure. Our nation’s electricity, fuel and delivery systems have become more complex and even more interdependent,” Adrienne Lotto, deputy assistant secretary for infrastructure security and energy restoration, said last month at an Association for Federal Information Resources Management Cybersecurity Summit in Washington, D.C., according to Nextgov. “As a result, the threat against the sector has become even more frequent and more sophisticated.”
CESER leads efforts to combat all threats to the energy industry, mitigate the risks and impacts of cyberattacks and other disruptions, and help restore services if and when utilities are attacked. “We address all hazards: cyber, man-made and natural,” Lotto said.
Energy Department Focuses on Sharing Threat Information
CESER's Cybersecurity for Energy Delivery Systems Division focuses on the research and development of innovative technologies, tools and techniques to reduce risks to the critical energy infrastructure from cyberattacks and other emerging threats.
“Continuing to increase the security, reliability, and resiliency of our electricity delivery system will help ensure the success of grid modernization and transformation of the Nation’s energy systems,” the organization says on its website.
The division supports the research, development and demonstration of advanced cybersecurity solutions, as well as the acceleration of information sharing to enhance situational awareness.
By 2020, CESER wants the energy sector to be able to design, install, operate and maintain “resilient energy delivery systems” that can “survive a cyber incident while sustaining critical functions.”
To do so, CESER’s cybersecurity program supports activities in three key areas: strengthening energy sector cybersecurity preparedness; coordinating cyber incident response and recovery; and accelerating research, development and demonstration of “game-changing and resilient energy delivery systems.”
At the AFFIRM event, Lotto said CESER is “developing techniques to enhance the speed and effectiveness of threat and vulnerability information sharing that’s both bi-directional and machine to machine,” Nextgov reports.
CESER is seeing threats to both energy sector IT and operational technology, Lotto said, adding that it’s important for “both the federal government and private sector to work towards closing the understanding of that gap.”
Additionally, Lotto said at the AFFIRM summit that CESER is developing a tool called CyOTE, or Cybersecurity for the Operational Technology Environment, “which works to increase situational awareness through an industry-led approach that will share and analyze OT data,” Nextgov reports. The tool will be enhanced via insights and intelligence from the intelligence community and the Department of Energy’s national labs, she said.