#cybersecurity | hacker | Energy company hit with DoS attack last spring identified as sPower

#cybersecurity | hacker | Energy company hit with DoS attack last spring identified as sPower

Utah-based wind and solar energy developer sPower has been identified as the utilities company that suffered a previously reported denial of service attack that disrupted its normal business activity last March 5.


The cyberattack briefly cut off communications between sPower’s control centers and a dozen remote wind and solar farms that served as its power generation stations, according to documentation obtained by trade media website E&E News, following a Freedom of Information Act request. In a report on its latest findings, E&E yesterday described the incident as a “first-of-its-kind” attack.


The documentation consists of an Electronic Emergency Incident and Disturbance Report, which contains what appears to be an email communication signed by a Department of Energy employee. This email explains that the communications outages were caused by the exploitation of a vulnerability in Cisco firewalls that caused repeated rebooting. The incident was observed in intermittent bursts over a 12-hour period, at which point sPower applied a patch to fix the condition.


None of the utility’s operational technology systems were affected, and customers of the utility did not experience any power loss.


Earlier this year, E&E had reported that the incident had lasted from 9:12 a.m. to 6:57 p.m. on the day of the attack, affecting system operations in Kern and Los Angeles Counties in California, Salt Lake County in Utah, and Converse County in Wyoming. However, the event “did not impact generation, the reliability of the grid or cause any customer outages,” the report continued, quoting a DOE official at the time.


According to E&E, Lara Hamsher, government relations and communications manager at sPower, said the company has improved its systems to “help ensure as much uptime as possible.”


It remains unknown if the incident ..

Support the originator by clicking the read the rest link below.