On October 23-27, 2023, CESER conducted an unprecedented delivery of its CyberStrike program – a “simulated real-world cybersecurity event training” – in Hawai’i.
Office of Cybersecurity, Energy Security, and Emergency Response
December 7, 2023
minute read time
Picture this: You are an engineer working at a regional utility in Ukraine. One day, while conducting business as usual, you find that your computer has been hacked and is being remotely controlled by a bad actor bent on wreaking havoc. Despite your best efforts and those of your colleagues trained in Information Technology (IT) and cybersecurity, you watch as the attackers take breakers offline, plunging thousands of people into darkness.
This scenario is real, and it happened in 2015 at three regional utilities across Ukraine. The results of the attacks were widespread, with some 225,000 people experiencing power outages. In response to these incidents, the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER), directed the Idaho National Laboratory (INL) to design and develop a professional cybersecurity training for the energy workforce, specifically those in operational technology environments. We call this training CyberStrike.
On October 23-27, 2023, CESER conducted an unprecedented delivery of its CyberStrike program – a “simulated real-world cybersecurity event training” – in Hawai’i. The office has offered 82 CyberStrike trainings since 2017 to more than 3,700 professionals in the U.S. and internationally, working to enhance the ability of energy sector owners and operators to prepare for a cyber incident impacting operational technology (OT). CESER ran this series of the CyberStrike trainings in collaboration with the University of Hawai’i, the Pacific Asian Center for Entrepreneurship (PACE), CyberHawaii, and the Hawai’i State Office of Homeland Security.
About 120 professionals from 60 unique organizations who work in electric, oil, and natural gas energy systems attended, including control room operators, energy management systems support workers, and cybersecurity staff. Attendees from other sectors, such as communications, health, academia, and state and federal government partners, also joined in the trainings.
Attendees learned from experts in lectures and hands-on trainings about a variety of cybersecurity topics and tools to understand the tactics, techniques, and procedures of malicious actors and adversaries. Over the course of the week, attendees joined in a total of eight training deliveries, the most CESER has conducted in one location at a time, showcasing the demand for this one-of-a-kind training.
- Utilities systems users: Learn to defend from becoming an easy target and avoid being an entry point through techniques like spearfishing.
- Operators of the electric system: Understand how to best respond to situations where your tools and technology may be used against you.
- IT and OT staff: Build your ability to use techniques to detect, identify, and respond to cyberattack events as they occur.
What were the Cyber attacks in Ukraine in 2015/2016?
During these coordinated attacks, malicious actors targeted the networks of three regional power distribution companies and used remote access to control physical breakers and cause widespread power outages for approximately 225,000 people.
CyberStrike leverages lessons learned from the novel critical infrastructure cyber attacks in Ukraine and the expertise from cyber professionals versed in this challenging area to enable participants to better understand the entry points for cyber attacks, especially on OT within energy systems, and prepare to identify and respond to potential attacks in the future.
In today’s technologically dependent world, our nation’s electricity and oil and natural gas infrastructure is increasingly vulnerable to the types of attacks seen in Ukraine. Hackers are now able to remotely access and control the software and physical technology responsible for reliable electricity in homes and businesses. This energy sector is uniquely critical because all other critical infrastructure sectors depend on power and fuel to operate, including transportation, water, and communications. In addition to ensuring our systems keep up with the flexible and ever-changing tactics of our adversaries – which often comes with long lead times and high price tags – CESER is committed to training the professionals that will reduce the consequences of cyber-enabled sabotage across our nation's critical energy infrastructure systems so our nation stays plugged in.
To learn more about CyberStrike trainings, visit the CyberStrike webpage.