american public power association s cybersecurity
play

American Public Power Associations Cybersecurity Services Program - PowerPoint PPT Presentation

Apr 11, 2024 •440 likes •624 views

American Public Power Associations Cybersecurity Services Program APP A Western Regional Cyber Summit August 22, 2019 Anaheim, CA #PublicPower www.PublicPower.org Cyber & Physical Preparedness Help members develop

  2. American Public Power Association’s Cybersecurity Services Program APP A Western Regional Cyber Summit August 22, 2019 Anaheim, CA #PublicPower www.PublicPower.org

  3. Cyber & Physical Preparedness • Help members develop “all-hazards” approach to disaster preparation and response • Show federal policymakers public power’s commitment to security and mutual aid • Strengthen government/industry partnerships • Minimize new federal regulation #PublicPower www.PublicPower.org

  4. DOE Cooperative Agreement Overview Goal: Develop a culture of cyber security within public power utilities. Objective: Engage with public power distribution utilities to understand their cyber security awareness, capabilities and risks. Move each utility from its existing state to a public power target profile. Tasks: 1. Cybersecurity risk assessments (Cybersecurity Scorecard) 2. Onsite cyber vulnerability assessments 3. Pilot existing and emerging security technologies 4. Information sharing between utilities and APPA, E-ISAC, MS- ISAC, other partners Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811 . #PublicPower www.PublicPower.org

  5. DOE Cooperative Agreement Overview • In 2016 APPA partnered with the Department of Energy • 3-year, $7.5M Cooperative Agreement; • 2016-17 – Analysis and Data Collection • 2017-18 – Deployment and Resource Development • 2018-19 – Sustainability Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811 . #PublicPower www.PublicPower.org

  6. Sodinokibi Ransomware Actors Target Management Service Providers’ Clients Summary • In June 2019, the FBI received notification of ransomware variant Sodinokibi, also known as “REvil” and “Sodin,” compromising managed service providers (MSPs) by leveraging victim-installed remote monitoring and managing (RMM) software. Actors behind the Sodinokibi ransomware infection likely leveraged compromised network credentials to gain access to the system. Upon gaining access, Sodinokibi actors use PowerShell scripts to drop an executable containing Sodinokibi into the MSP’s network infrastructure, infecting its customers’ systems. #PublicPower www.PublicPower.org

  7. Threat • FBI investigative activity identified several Sodinokibi ransomware actors compromising MSPs as a means to spread ransomware throughout the MSPs’ client networks. This tactic resulted in multiple US companies suffering infection and encryption of file systems as the result of only one cyber intrusion. Once executed, Sodinokibi encrypts the victim files and produces a .txt file displaying the ransom note. The .txt file provides instructions on how to download and configure a TOR browser. Through the TOR browser, the victim accesses a unique uniform resource locator (URL) containing a chatroom, monitored by the actors responsible for Sodinokibi, for payment and decryption instructions. • Sodinokibi actors likely leveraged CVE-2018-8453 to conduct privilege escalation. Upon identification of the vulnerability, Microsoft released a patch for this CVE in October 2018. #PublicPower www.PublicPower.org

  8. Recommendations • Regularly back up data and verify its integrity. • Secure your backups. • Patch the operating system, software, and firmware on devices. • Monitor remote connections and software, • Apply two-factor authentication to user login credentials #PublicPower www.PublicPower.org

  9. 9 Results breakdown by domain Scorecard results will populate your dashboard Improvement recommendations based on scorecard responses #PublicPower www.PublicPower.org

  10. Scorecard Activity • 272 public power utilities participating – (2019 Goal is to reach 400 utilities) • 520 foundational cybersecurity self assessments at the 272 utilities – (14 Questions – 45 minutes) • All public power utilities have FREE access to the Scorecard portal • Utilities who have taken the assessment have reported that the Scorecard is helping to “take the guesswork out of what they should be striving to achieve” #PublicPower www.PublicPower.org

  11. Cybersecurity Roadmap Cybersecurity Roadmap – Using the Scorecard output, provide public power utilities with clear actions to improve their cybersecurity program – Provide information that creates a compelling business case for security investments. #PublicPower www.PublicPower.org

  12. Incident Response Playbook Cyber Incident Response Playbook – Modeled after mutual aid response network – Cyber Mutual Assistance (CMA) being developed nationally – Utilities sharing cyber resources and expertise in a crisis – Exercising the playbook to be prepared (GridEx V – November 13-14, 2019) Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811 . #PublicPower www.PublicPower.org

  13. Cybersecurity Training • Signing up JAAs to be host sites for training – Cybersecurity@publicpower.org • Deliver low cost cybersecurity training and exercises that align with the Scorecard • Conduct Regional facilitated – Orlando July 10-11 (103 attendees) – Kearney Nebraska July 24-25 (73 attendees) – Los Angeles California August 22 (75 registrations) • Hosting a year end public power cybersecurity summit (November 18-20, 2019 Nashville TN) #PublicPower www.PublicPower.org

  14. Technology Deployment • After completing the Scorecard, utilities may be ready to reduce risk by investing in cybersecurity technologies from managed security service providers or other vendors. • The Association’s new Cybersecurity Technology Assistance Program (CTAP) can support that investment first by connecting public power utilities to cybersecurity technology solution providers. Then we can offer an 80% cost share for deploying a monitoring system at qualified utilities. • Developing a Cyber Asset Tracking technology to provide public power utilities with an online tool for: – Cyber Asset Inventory – Geolocation of Cyber Assets – Matching of publicly know vulnerabilities with cyber assets Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811 . #PublicPower www.PublicPower.org

  15. Secure Information Sharing • Sign up for the E-ISAC at www.eisac.com • Sign up for the MS-ISAC at www.cisecurity.org • We continue to recommend the E-ISAC as the trusted source of public power utility’s ICS threat information. • Developing a program for Shared Cybersecurity Services – Joint Action Agency model as a framework to possibly provide a shared cyber analyst – Mature organizations mentoring others – Concise threat feed in our Secure Trusted Community (STC) network Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811 . #PublicPower www.PublicPower.org

  16. Additional Cybersecurity Resources • Cybersecurity Scorecard – 261 public power utilities • Cybersecurity Roadmap – Helps you develop an action plan • Incident Response Playbook – Cyber Mutual Aid – Shared cyber resources • Cybersecurity Training – We bring training to you • Secure Information Sharing – Weekly Situation Report (new) 16 #PublicPower www.PublicPower.org

  17. Resources page: www.publicpower.org/gridsecurity Nathan Mitchell Sr. Director of Cyber and Physical Security Services American Public Power Association 2451 Crystal Dr., Suite 1000, Arlington, VA 22202 Direct: 202.467.2925 NMitchell@PublicPower.org cybersecurity@publicpower.org #PublicPower www.PublicPower.org

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

APPA Update: Public Power Forward JOY DITTO President & CEO American Public Power

APPA Update: Public Power Forward JOY DITTO President & CEO American Public Power

APPA Update: Public Power Forward JOY DITTO President & CEO American Public Power Association USEA 16 th Annual State of the Energy Industry Forum January 23, 2020 #PublicPower www.PublicPower.org What Are Public Power Utilities?

97 views • 8 slides
American Public University System - A Multi-Disciplinary Approach to Cybersecurity Education Dr.

American Public University System - A Multi-Disciplinary Approach to Cybersecurity Education Dr.

American Public University System - A Multi-Disciplinary Approach to Cybersecurity Education Dr. Clay Wilson, CISSP Program Director, Cybersecurity Studies American Public University System Overview About American Public University System

389 views • 17 slides
American Public Power Association Accounting and Finance Spring Meeting Dennis M. Pidherny,

American Public Power Association Accounting and Finance Spring Meeting Dennis M. Pidherny,

American Public Power Association Accounting and Finance Spring Meeting Dennis M. Pidherny, Managing Director April 25, 2019 Sector Outlook: Key Issues Affordability at Prerecession Levels Strong growth in household income has

711 views • 23 slides
A Model Privacy Policy for Smart Grid Data American Public Power Association Legal Seminar

A Model Privacy Policy for Smart Grid Data American Public Power Association Legal Seminar

A Model Privacy Policy for Smart Grid Data American Public Power Association Legal Seminar November 8, 2011 Colin Hagan, JD 2012 Katie Thomas, JD 2013 Research Associates Institute for Energy and the Environment Vermont Law School

547 views • 25 slides
Public Power Overview Jacksonville City Council Future of JEA Workshop #6 March 9, 2020 Amy

Public Power Overview Jacksonville City Council Future of JEA Workshop #6 March 9, 2020 Amy

Public Power Overview Jacksonville City Council Future of JEA Workshop #6 March 9, 2020 Amy Zubaly Susan Kelly Executive Director Immediate Past President and CEO Florida Municipal Electric Association American Public Power Association

484 views • 25 slides
Selected Policy Issues That Keep Me Up at Night Susan N. Kelly President and CEO American

Selected Policy Issues That Keep Me Up at Night Susan N. Kelly President and CEO American

Selected Policy Issues That Keep Me Up at Night Susan N. Kelly President and CEO American Public Power Association USEA 11 th Annual State of the Energy Industry Forum January 21, 2015 APPA in a Nutshell APPA=American Public Power

413 views • 14 slides
Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland Chapter Contents Cybersecurity and risk management 1 Cybersecurity and the regulatory 2 environment Cybersecurity and the audit 3 4 Appendix

685 views • 37 slides
Dealing With Changes Coming to Our Industry Through IRP MGLW Power Supply Advisory T eam Meeting

Dealing With Changes Coming to Our Industry Through IRP MGLW Power Supply Advisory T eam Meeting

Public Power Primer: Dealing With Changes Coming to Our Industry Through IRP MGLW Power Supply Advisory T eam Meeting June 6, 2019 Presentation of Sue Kelly President and CEO, American Public Power Association #PublicPower

552 views • 26 slides
Cybersecurity& Public Utility Commissions November 12, 2014 TCIPG Ann McCabe, Commissioner

Cybersecurity& Public Utility Commissions November 12, 2014 TCIPG Ann McCabe, Commissioner

Cybersecurity& Public Utility Commissions November 12, 2014 TCIPG Ann McCabe, Commissioner Illinois Commerce Commission NARUC (National Association of Regulatory Utility Commissioners) Cybersecurity Primer for State Regulators 2.0 , Feb

104 views • 8 slides
Opportunities for Public Power in a Rapidly Changing Landscape Northeast Public Power Association

Opportunities for Public Power in a Rapidly Changing Landscape Northeast Public Power Association

Next Generation Energy Efficiency: Opportunities for Public Power in a Rapidly Changing Landscape Northeast Public Power Association Fall 2016 Public Utility Management Program November 18, 2016 Brian Buckley Northeast Energy Efficiency

552 views • 33 slides
Wind Power Manufacturing in Wisconsin May 21, 2012 Jeff Anthony American Wind Energy

Wind Power Manufacturing in Wisconsin May 21, 2012 Jeff Anthony American Wind Energy

Wind Power Manufacturing in Wisconsin May 21, 2012 Jeff Anthony American Wind Energy Association American Wind Energy Association AWEA is the non-profit, national trade association for the U.S. wind energy industry AWEA was established in

468 views • 27 slides
National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National

National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National

National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National Cybersecurity Student Association Agenda Introductions Association Overview Vision Mission Objectives Benefits

498 views • 30 slides
APHA 2016 Place Annual American Public Health Association Conference, Denver, Colorado

APHA 2016 Place Annual American Public Health Association Conference, Denver, Colorado

APHA 2016 Place Annual American Public Health Association Conference, Denver, Colorado Faith-Based Cognitive Behavioral Intervention for Depression in African-American Title Dementia Caregivers: Analysis of the Role of Spirituality Eric C.

110 views • 6 slides
By IMP.A.A.C.T. Photography The American Public Works Association exists to develop and support the

By IMP.A.A.C.T. Photography The American Public Works Association exists to develop and support the

By IMP.A.A.C.T. Photography The American Public Works Association exists to develop and support the people, agencies, and organizations that plan, build, maintain, and improve our communities. Working together, APWA and its membership contribute to

757 views • 37 slides
THE WAY FORWARD AMERICAN PUBLIC TRANSPORTATION ASSOCIATION STRATEGIC PLAN 2015-2019 TODAY

THE WAY FORWARD AMERICAN PUBLIC TRANSPORTATION ASSOCIATION STRATEGIC PLAN 2015-2019 TODAY

THE WAY FORWARD AMERICAN PUBLIC TRANSPORTATION ASSOCIATION STRATEGIC PLAN 2015-2019 TODAY INTRODUCTION FOR EVERY $1 INVESTED IN 2013, 10.7 BILLION IN PUBLIC TRANSPORTATION, $4 IS GENERATED TRIPS WERE IN ECONOMIC RETURNS. TAKEN ON PUBLIC

285 views • 11 slides
APA Student Membership Program What is the American Planning Association? About the American

APA Student Membership Program What is the American Planning Association? About the American

APA Student Membership Program What is the American Planning Association? About the American Planning Association We are the oldest and largest community of domestic and international planners. We are an association, which means we exist

179 views • 17 slides
Security Considerations in Blaise E Environments: Options and Solutions i t O ti d S l ti

Security Considerations in Blaise E Environments: Options and Solutions i t O ti d S l ti

Security Considerations in Blaise E Environments: Options and Solutions i t O ti d S l ti Mike Rhoads and Ray Snowden, Westat IBUC 2010 Importance of IT Security p y Sample headlines Sample headlines Virginia (8/27/2010)

472 views • 20 slides
CSC 5290 Cyber Security Practice Fengwei Zhang Wayne State University CSC 5290 Cyber Security

CSC 5290 Cyber Security Practice Fengwei Zhang Wayne State University CSC 5290 Cyber Security

CSC 5290 Cyber Security Practice Fengwei Zhang Wayne State University CSC 5290 Cyber Security Practice 1 Who Am I? Fengwei Zhang Assistant Professor of Computer Science Office: Maccabees Building, Room 14109.3 Emai: fengwei at

559 views • 19 slides
Security Summary Michael McCool Intel Osaka, W3C Web of Things F2F, 17 May 2017 Summary

Security Summary Michael McCool Intel Osaka, W3C Web of Things F2F, 17 May 2017 Summary

Security Summary Michael McCool Intel Osaka, W3C Web of Things F2F, 17 May 2017 Summary Summary Plenary Review of security process Breakout Review of Threat Model Stakeholders, Roles , Assets, Adversaries, Attack Surfaces,

385 views • 6 slides
A Public Web Services Security Framework Based on Current and Future Usage Scenarios Internet

A Public Web Services Security Framework Based on Current and Future Usage Scenarios Internet

A Public Web Services Security Framework Based on Current and Future Usage Scenarios Internet Computing 2002 Conference, Las Vegas, June 2002 J.Thelin, Chief Architect PJ.Murray, Product Manager Cape Clear Software Inc. Web Services Usage

357 views • 11 slides
Cyber@UC Meeting 58 Cool GitHub Projects! If Youre New! Join our Slack: ucyber.slack.com

Cyber@UC Meeting 58 Cool GitHub Projects! If Youre New! Join our Slack: ucyber.slack.com

Cyber@UC Meeting 58 Cool GitHub Projects! If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees: Content Finance Public Affairs

328 views • 19 slides
Using Strategy Objectives for Network Security Analysis Elie Bursztein Stanford University /

Using Strategy Objectives for Network Security Analysis Elie Bursztein Stanford University /

Network Security Game Strategy Automated Analysis Conclusion Using Strategy Objectives for Network Security Analysis Elie Bursztein Stanford University / LSV, Ens-Cachan Inscrypt 2009 Elie Bursztein Using Strategy Objectives for Network

909 views • 78 slides
Things Gateway Ingest Transform Store Present and Act Upon Applications Stream Cloud

Things Gateway Ingest Transform Store Present and Act Upon Applications Stream Cloud

Things Gateway Ingest Transform Store Present and Act Upon Applications Stream Cloud Gateway Event Hubs Analytics Register Legacy IoT (custom protocols) Devices Storage Adapters Consume IP-capable devices Field Gateway

700 views • 37 slides
Programming the Internet of Things Why Devices Need APIs December 8, 2014 Greg Burns Chair of

Programming the Internet of Things Why Devices Need APIs December 8, 2014 Greg Burns Chair of

Programming the Internet of Things Why Devices Need APIs December 8, 2014 Greg Burns Chair of Technical Steering Committee AllSeen Alliance 2 December 2014 AllSeen Alliance 1 Mobile The largest technology platform ~3.3 billion unique

485 views • 24 slides

More recommend