The Department of Energy released its multi-year plan for energy cybersecurity this week, and it’s a timely document. The past year and a half has provided new evidence that Russian-sponsored hackers penetrated the IT networks of U.S. energy companies, and are seeking to worm their way into the operations technology systems that run power plants and other critical grid infrastructure. And, as the Russian-led hacks in Ukraine have shown, these methods are capable of taking down the grid.
These ever-growing and evolving threats require much better coordination, DOE warns. At present, electric utilities and grid operators have been playing whack-a-mole with hackers, discovering penetrations long after they’ve occurred and scrambling to seal the breaches they’ve made.
Here’s a breakdown of DOE’s new plan.