September 21, 2022 By Jennifer Gregory 2 min read

In June 2021, CNN asked U.S. Secretary of Energy Jennifer Granholm if U.S. enemies could shut down the power grid. She said they could. Meanwhile, the concern over energy grid attacks has increased with the Russian attack on Ukraine.

Attackers could take down the U.S. power grid by hitting only a few substations, said Jon Wellinghoff, former chairman of the Federal Energy Regulatory Commission. Due to growing concerns, the Department of Energy announced $12 million in funding for research projects. These aim to more securely develop the next generation of energy systems. What does this mean for the industry?

Threats to the energy sector

One problem is the threat of a complete shutdown of the energy grid. Following that, attacks in the energy industry are costly to both utilities and consumers. The 17th annual Cost of a Data Breach Report ranked the energy industry as fifth in costs of a data breach. The majority of cases were external attacks, and only 2% were inside jobs. These breaches cost an average of $4.65 million. In 2021, most attacks in the energy industry were social engineering attacks. Other types of common attacks include system intrusion and web applications.

Grant funding

The $12 million grant funding creates the following six programs:

  • Develop artificial intelligence (AI) -based detection tools and design effective cyber threat mitigation strategies (award of $2 million to Florida International University)
  • Use AI-integrated, resilient and proactive system technologies and solutions to enable defense-in-depth security and resilience for cyber-physical systems (award of $2 million to Iowa State University)
  • Create the Tracking Real-time Anomalies in Power Systems program to detect and localize oddities in power grid cyber-physical systems (award of $1,939,416 to New York University)
  • Use AI and machine learning to develop techniques and scalable prototypes for intrusion response against advanced cyber-physical threats to power systems (award of $1,997,921 to Texas A&M Engineering Experiment Station)
  • Develop a resilient, next-generation solid-state power substation. This will include cybersecurity considerations to improve adoption (award of $2 million to the University of Illinois at Chicago)
  • Create the Cyber REsilience of SubsTations program, which is a two-part system to detect and mitigate cyber incidents while maintaining secure communication and critical functions (award $1,997,864 Virginia Polytechnic Institute and State University).

‘Building a stronger grid’

“Investing in cutting-edge cyber security technology keeps us at the forefront of global innovation and protects America’s power grid in the face of increasing cyber threats from abroad,” said Granholm in a statement. “This funding will bolster our commitment to a secure and resilient clean energy future by fortifying American electricity systems and building a stronger grid.”

The U.S. needs to be looking for ways to secure the next-generation energy grid. That way, the nation can prevent costly shutdowns. Grants such as the recent $12 million can help ensure that. After all, the U.S. needs to remain ahead of attackers as new energy systems are developed.

More from News

Zero-day exploits underscore rising risks for internet-facing interfaces

3 min read - Recent reports confirm the active exploitation of a critical zero-day vulnerability targeting Palo Alto Networks’ Next-Generation Firewalls (NGFW) management interfaces. While Palo Alto’s swift advisories and mitigation guidance offer a starting point for remediation, the broader implications of such vulnerabilities demand attention from organizations globally. The surge in attacks on internet-facing management interfaces highlights an evolving threat landscape and necessitates rethinking how organizations secure critical assets. Who is exploiting the NGFW zero-day? As of now, little is known about the…

Will arresting the National Public Data threat actor make a difference?

3 min read - The arrest of USDoD, the mastermind behind the colossal National Public Data breach, was a victory for law enforcement. It also raises some fundamental questions. Do arrests and takedowns truly deter cyberattacks? Or do they merely mark the end of one criminal’s chapter while others rise to take their place? As authorities continue to crack down on cyber criminals, the arrest of high-profile threat actors like USDoD reveals a deeper, more complex reality about the state of global cyber crime.…

CISA adds Microsoft SharePoint vulnerability to the KEV Catalog

3 min read - In late October, the United States Cybersecurity & Infrastructure Security Agency (CISA) added a new threat to its Known Exploited Vulnerability (KEV) Catalog. Cyber criminals used remote code execution vulnerability in Microsoft SharePoint to gain access to organizations’ networks. The CISA press release states that “these types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.” However, Microsoft identified and released a patch for this vulnerability in July 2024. Cybersecurity experts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today