Dive Brief:
A task force assembled by the National Association of Regulatory Utility Commissioners (NARUC) and the National Association of State Energy Officials (NASEO released a series of five modular blueprints and other tools on Thursday to aid state-level energy planning.
With financial support by the U.S. Department of Energy, the 15-state task force spent two years exploring how regulators and and policymakers can use existing planning processes to tackle current challenges such as climate change, grid resilience and rapid technological advances.
Task force leaders say states must act quickly to stay ahead of rapid change in the electric industry. A dozen states committed to immediate action based on the blueprints.
Dive Brief:
Similarities between electric and water utilities mean the power industry should pay close attention to the recent hacking of a Florida water treatment plant, according to security experts. Hackers used a piece of software called TeamViewer to access the plant s supervisory control and data acquisition (SCADA) systems.
Cyber criminals attempted to significantly raise the amount of lye added to the water supply of the city of Oldsmar. The attack was thwarted by plant personnel and experts say it was not a sophisticated effort. This is not really the fault of TeamViewer as much as the users in this case just not securing their passwords or access rights, said Gary Kinghorn, marketing director at Tempered, which specializes in network security. The plant s computers shared passwords and ran outdated operating systems, according to a Massachusetts government warning to water companies.
On Monday, February 8, a press conference hosted by Pinellas County, Florida, sheriff Bob Gualtieri dropped an industrial cybersecurity bombshell that reverberated worldwide. Gualtieri, along with the mayor and city manager of Oldsmar (population 15,000), revealed that a hacker had infiltrated the Oldsmar water treatment system to change the city’s water supply levels of sodium hydroxide from 100 parts per million to 11,100 parts per million. Sodium hydroxide, also called lye, is a highly caustic chemical that is a key ingredient in liquid drain cleaners.
The hackers gained unauthorized access to an internal industrial control system (ICS), likely using stolen or lost credentials, via TeamViewer, a remote desktop application that allows users to log into systems from afar, a ubiquity across many organizations during the COVID-19 crisis. Gualtieri and the city officials offered only a few other details of the disturbing breach.