FERC proposes new cyber controls for power grid

The federal entity responsible for regulating the energy sector on Thursday proposed new rules to enhance the cybersecurity of the U.S. electric grid, including those aimed at addressing risks posed by malware.

The Federal Energy Regulatory Commission (FERC) outlined new proposed security management controls for operators of electric grid systems aimed at enhancing “the reliability and resilience of the nation’s bulk electric systems,” according to a release.

“These include mandatory controls to address the risks posed by malware from transient electronic devices like laptop computers, thumb drives and other devices used at low-impact bulk electric system cyber systems,” the commission said.

There have been increased concerns about cyber threats to the U.S. electric grid in the wake of successful attacks that took down portions of Ukraine’s in 2015 and 2016. Russian hackers are widely suspected to have been behind the attacks. Earlier this year, researchers identified the malware used to take out power in Kiev in 2016.

A leading cybersecurity company also recently identified a sophisticated hacking campaign targeting the U.S. energy sector as well as those of certain European countries.

Read more…

Source: The Hill