November 20, 2023 at 06:03AM
GridEx VII, the largest grid security exercise in North America, saw participation from over 250 organizations and focused on testing crisis response and recovery plans for cyber and physical threats to the electrical grid. A report with lessons learned is expected in Q1 2024. Previous objectives included coordination between the US and Canada, handling misinformation, and response to supply chain-based compromises. Recent reports highlight power grid attacks by the Russian threat group Sandworm and a China-linked threat actor.
Key takeaways from the meeting notes:
1. GridEx VII, the largest grid security exercise in North America, took place last week with participation from over 250 organizations from the US and Canada.
2. The exercise focused on testing crisis response and recovery plans for cyber and physical threats targeting the electrical grid.
3. A report detailing the exercise and lessons learned is expected to be released in the first quarter of 2024, which will help improve the security of the grid.
4. The previous GridEx edition aimed at strengthening coordination between the US and Canada, as well as coordination between the electric sector and other sectors like natural gas and telecoms.
5. Other objectives included addressing the handling of misinformation and responding to a supply chain-based compromise of critical components.
6. Recent reports have highlighted attacks on power grid systems, such as the use of novel OT attack techniques by the Russian threat group Sandworm that caused a power outage in Ukraine, and a China-linked threat actor maintaining access to a compromised national power grid in Asia for six months.
7. The meeting notes also mentioned related articles and initiatives regarding the security of the North American energy grid, including the launch of a commercial OT security solution and a cybersecurity boost for rural and municipal utilities.