A $12.5 million project to create the nation's first regional cybersecurity research operations center focused on power grid protection has received a $10 million grant from the Department of Energy (DOE).
The center, the Southeast Regional Cybersecurity Collaboration Center (SERC3), is an effort of Auburn University's McCrary Institute for Cyber-Critical Infrastructure Security in partnership with Oak Ridge National Laboratory (ORNL). Leveraging the newly announced funding, the pilot center will “bring together experts from the private sector, academia, and government to share information and develop innovative realities to protect the nation’s power grid and other key sectors. We will create solutions for the world,” Auburn University said in a statement on April 18.
Led by Southern Company Director of Business Technology, Planning, and Strategic Initiatives James Goosby of McCrary and ORNL's Tricia Schulz, SERC3 will be “experimenting” with industry partners to support the integration of new and existing security software and hardware into production environments. The new effort will also establish labs at Auburn University's Samuel Ginn School of Engineering and at ORNL in Oak Ridge, Tennessee.
“This center will conduct important research and provide real-world operational solutions to protect us all as we address these challenges,” said Steve Taylor, Auburn University's senior vice president for research and economic development. “We would like to thank Oak Ridge National Laboratory for partnering with us and Congressman Mike Rogers for helping secure funding for this important program.”
Another important mission of SERC3 is workforce development and skills development. The effort will include a mock utility command center to train participants in real-time cyber defense. “We are partnering with industry to develop new security technologies, transfer those technologies to industry, and at the same time build our capabilities to develop the workforce to operate these hardened systems,” said ORNL Director Stephen Streiffer.
Notable regional efforts to combat growing cyber threats
SERC3 represents an innovative effort to strengthen cybersecurity and increase cyber resilience in the power sector, a critical infrastructure industry that remains highly vulnerable to cyber-attacks.
While the sector strives to comply with critical infrastructure protection (CIP) standards set by the North American Electric Reliability Corp. (NERC), a quasi-governmental compliance enforcement agency, it is also self-guided by cybersecurity frameworks such as those from DOE and the National Institute of Standards and Technology (NIST).
However, the sector also relies heavily on public-private cooperation, such as the Electricity Information Sharing and Analysis Center (E-ISAC), launched in 1999, which is operated by NERC but organizationally insulated from NERC's enforcement processes. E-ISAC serves as a means to quickly provide security information on how to mitigate complex and evolving threats to the grid. The organization also conducts cyber resilience testing through GridEx, North America's largest power grid security exercise, held every two years.
The industry also relies on several other partnerships. One, dating to 2014, is the DOE Office of Electricity's Cybersecurity Risk Information Sharing Program (CRISP). It essentially serves as an “open source” cyber threat intelligence and government information portal, facilitating the timely, two-way sharing of unclassified and classified threat information and the development of situational awareness tools. CRISP is managed by E-ISAC and advised by DOE's Office of Cybersecurity, Energy Security, and Emergency Response (CESER). Its participants currently supply power to more than 75% of U.S. customers, according to the DOE.
Yet for now, CESER is leading much of the nation's cybersecurity research and development (R&D), leveraging DOE's national laboratories to test components and configurations based on industry feedback. This involves identifying continuous monitoring tools and capabilities, and best practices, for information systems and control networks.
As the first regional public partnership, SERC3 will take on part of this mission and provide an important new research and development channel. “A secure and resilient power grid is a national and regional imperative,” said Frank Cilluffo, director of the McCrary Institute.
The growing insidious threat landscape
CESER Director Puesh Kumar suggested on Thursday that the SERC3 effort is urgently needed given the insidious rise of new threat actors. “I commend Auburn University and Oak Ridge National Laboratory's joint efforts to advance grid cybersecurity,” he said.
“Countering the growing cyber threats facing the U.S. energy sector from malicious actors and nation-states like the People’s Republic of China requires a commitment from industry, national laboratories, academia, and even state and federal governments. We all have to come together. This partnership is a key example.”
Earlier this month, Manny Cancel, NERC senior vice president and E-ISAC CEO, provided a sober analysis of these threats along with key lessons learned from GridEx VII, E-ISAC's seventh grid security exercise, held in November 2023.
The threat to a sector already challenged by an increasingly complex power grid environment is further exacerbated by global geopolitical tensions, including Russia's escalating aggression in Ukraine and the escalating Israeli-Hamas conflict, Cancel said. Pointing to the involvement of state actors such as China, Russia, Iran, and North Korea in cyber espionage and attacks, he said, “The current geopolitical situation is having a significant impact on the North American power grid. It's clear.”
“The increase [in challenges] is actually driven by a few things,” he explained. “One is the increase in vulnerabilities in critical software platforms and even hardware platforms. NIST tracks vulnerabilities and at the end of 2022 there were probably 22,000 to 21,000 published. In 2023, that's 23,000 to 24,000, which means there are about 60 or more vulnerabilities a day.”
A new trend is for attackers to attack platforms they know are vulnerable, conducting “one-to-many” attacks, rather than targeting organizations piecemeal, he said. “The thing I want to focus on the most is ransomware. However, the energy sector is not as targeted as other sectors,” he said. “That trend has definitely increased over the last few years.”
GridEx VII highlighted a stronger need for industry to assess and implement resilient voice and data communications measures, Cancel said. It also demonstrated the urgency of strengthening and improving the operating framework during prolonged disruption to energy markets, and of increasing coordination and clarity between the industry and the federal governments of the United States and Canada.
The two-day exercise, organized by E-ISAC's GridEx team last November, attracted more than 15,000 participants from approximately 250 organizations across North America, including the electric industry, gas and telecommunications sectors, and government partners in the United States and Canada.
“The GridEx VII scenarios explore or further explore the challenges posed by coordinated and prolonged cyber and physical attacks on the power grid and its market systems,” Cancel explained. He emphasized the importance of putting these lessons into practice. “Lessons learned are great, but they're useless if you don't put them into practice.”
—Sonal Patel, POWER Senior Editor (@sonalcpatel, @Power Magazine).