The Biden administration today released new priorities to protect clean energy infrastructure from possible cyberattacks.
Smart grids and electric vehicles can bring huge benefits in saving energy and reducing pollution. But as our lives become increasingly electronic and digital, new cybersecurity challenges also emerge. That’s why the Biden administration today released guidance on how to ensure new parts of our energy infrastructure are protected from damage.
“We have a once-in-a-lifetime opportunity to renew our infrastructure”
Harry Krejsa said: “We have a once-in-a-lifetime opportunity to renew our infrastructure and realign parts of our infrastructure that have never been ready for the level of digital/physical convergence our world is striving to achieve. design.
Shared exclusively in a fact sheet edge Ahead of the public release, the Biden administration has focused on five technologies it believes are critical to the near-term success of the clean energy transition and deserve special attention in terms of cybersecurity.
Foremost among these are the batteries needed to store renewable energy and ensure that it can be used even when the sun fades and the wind dies down. Electric vehicles and charging equipment and the batteries that power them are also priorities. Then there are the building’s energy management systems – things like smart thermostats, rooftop solar systems, and even smart lighting systems. So-called decentralized control systems are another related priority. These include control of community microgrids and virtual power plants that draw on collective energy storage from electric vehicles or solar arrays. Inverters and power conversion equipment are also on the list.
“Digitalization is a two-way street,” Kressa said. On the one hand, it gives more control to home and business owners and grid operators. When renewable energy is more plentiful, it will be easier to adjust electric vehicle charging to a specific time, or to turn up the thermostat to save energy and avoid power outages during heat waves. But without strong protection, these tools can become exploitable weaknesses.
President Joe Biden has already had to deal with criminal hackers targeting energy infrastructure during his term in office. A 2021 cyberattack shut down the Colonial Pipeline, the largest U.S. product pipeline system. The ransomware attack knocked out pipelines for five days, causing gasoline shortages, higher prices at the pump and traffic jams outside gas stations.
The Biden administration is also worried about state-sponsored threats. In a guidance document released in June, the U.S. Department of Homeland Security listed the cyber threat posed by the People’s Republic of China (PRC) as a top priority for protecting critical infrastructure by 2025. According to a Department of Homeland Security advisory released in February, the Chinese-sponsored cyber group Volt Typhoon has “compromised the IT environments of multiple critical infrastructure organizations,” including energy and transportation systems.
Protection can be as simple as practicing good digital hygiene. Hackers reportedly gained access to Colonial’s network in 2021 using leaked passwords.
The way today’s energy system operates puts too much responsibility “on individuals, small businesses, local governments and frontline users who do not have the resources to mount an adequate defense against the most well-resourced and well-trained malicious actors in the world.” Reisa said. “That’s not a sustainable way to build an ecosystem.”
A fact sheet released today points to the need for “security by design principles” that “prioritize customer security as a core business need”. The Biden administration has also emphasized the need to bring together different parts of the government, as well as businesses, researchers and even hackers, to design and implement better protections. For example, the Department of Energy launched the Energy Threat Analysis Center (ETAC) in 2023 as a pilot public-private partnership. Kreisa talks about edge He was attending the Def Con hacker conference in Las Vegas and “is issuing a call to action, asking the hacker community to help say, ‘Look at these priority technologies.'”
With everyone involved, the Biden administration’s cybersecurity roadmap includes developing technical standards and implementation guidance for new energy technologies. It also prioritizes research and development and cybersecurity workforce training.
With the nation’s aging energy infrastructure already overdue for an overhaul to accommodate growing power demand and new renewable energy sources, now is also a good time to make security updates.
“Where should we make critical infrastructure investments? These are decisions that are being made now,” said Nana Menya Ayensu, special assistant to the president for climate policy, finance and innovation. “When it comes to online security [we want] Ensuring this is the backbone of a more modern, flexible, digital energy system.
