DOE tries to spur development of defenses against Ukraine-style electrical grid cyberattack
This article first appeared on CyberScoop.
The Department of Energy doled out $4 million in grant funding earlier this month to four different cybersecurity firms in an effort to spur the development of new technology that can help protect U.S. electricity delivery systems from hackers.
The move comes just three months after a complex cyberattack aimed at Ukrainian energy company Ukrenergo caused widespread blackouts across northern Kiev. In that incident, the attackers targeted a power substation located in Pivnichna to cut access between affected neighborhoods and the local power grid. One year prior, in December 2015, a different, highly sophisticated email phishing scheme also opened the door to hackers — who, after an extensive espionage campaign, jumped into Ukrainian’s energy infrastructure by compromising Windows Domain Controllers.
The research, development and demonstration projects “will lead to next generation tools and technologies that will become widely adopted to enhance and accelerate deployment of cybersecurity capabilities for the U.S energy infrastructure, including cyber secure integration of smart grid technologies,” a summary within the original “Funding Opportunity” document from January 2016 reads.
Dubbed the “Chess Master Project,” the aforementioned $4 million joint research and development program will be conducted by Veracity Security Intelligence, Schweitzer Engineering Laboratories, Ameren Corporation and Sempra Energy, and focus on creating autonomous scanning and cyberthreat risk reductions tools.
Schweitzer Engineering Laboratories is one of the world’s largest microprocessor-based electronic equipment developers. Veracity is a startup that provides cyberthreat intelligence services. Ameren is an energy distribution service provider. Sempra Energy is a San Diego-based Fortune 500 energy holding company.
The project will include the coding of software that can help operators monitor network traffic and behavior and different attack surfaces, establish new encrypted security controls and provide policies to help victims quickly respond to a breach.
“The Chess Master Project is an innovative approach to solve some of the biggest challenges to reducing the attack surface for industrial control systems (ICS) in an autonomous way,” a proposal to DOE notes.“The proposed project can be applied to new and legacy infrastructure by deploying the software centrally on the flow controller and simple switch replacements from traditional to SDN enabled switches. This solution is ideally suited for legacy systems that have end points that are no longer supported or patches are not available.”
Veracity CEO Paul Myer told CyberScoop that his company’s technology would have effectively stopped the 2015 cyberattack on Ukraine’s energy grid.
“Veracity would have picked up the Ukraine attack in the initial discovery phase when they were mapping out the network to find the vulnerabilities,” Myer wrote in an email. “Our platform sees all network traffic and any anomalous behavior is flagged and disallowed. All network traffic is tracked and enforced using a ‘white list’ or ‘deny by default’ approach that only allows approved behavior. In this case, the exploit would have been discovered, the traffic would be blocked — the packets would be dropped — and an alert would be sent to the administrator for further research.”
Chess Master is said to build on the success of two past programs funded by the Energy Department, known as the Watchdog and SDN Projects, which produced secure, software-defined switches and flow controllers to monitor and block malicious internet traffic flowing into industrial facilities.
The $4 million grant used to fund Chess Master is part of a larger, $23 million “Cybersecurity for Energy Delivery Systems Program” initiative, which was originally announced by the Energy Department in January 2016.