Free Webinar:

Join us on 3/29 and learn how to prepare for effective OT incident response.

Register Now
Skip to main content
Industries
Industrial Cybersecurity in the
Electric Grid Operations
Industry
http://dragos%20illustration%20representing%20Electric%20industry

86% of Dragos services customers in the electric industry had limited to no visibility into their ICS/OT environment.

Dragos 2022 ICS Cybersecurity Year In Review
As threats to the electric sector become more frequent and sophisticated, organizations must look to reduce the risk of a devastating cyber attack such as the 2015 incident in the Ukraine. Take a proactive, holistic approach to protect the full spectrum of operations and defend your critical infrastructure with the world’s most robust ICS cybersecurity technology and the largest team of ICS practitioners who built it.
Case Study

Industrial Strength Cybersecurity for Electrical Substations

In recent years, there has been a continual rise in sophisticated cyber threats to electric grid infrastructure. with the intent of causing significant operational disruptions. Substations are critical components of the generation and transmission of electricity, making them a top target. Cyber attacks, if successful, can disconnect generation and transmission lines resulting in grid failures and widespread blackouts.
VIEW THE CASE STUDY
High voltage power transformer substation
an icon depicting cybersecurity. The green gradient icon has a square with a padlock in the middle and multiple arms

Visualize, Detect, and Respond to Threats against Your Operations

POMERANIA DISTRICT,POLAND - DECEMBER 8,2018: Aerial view of electricians working on electric poles to install and repair power lines.

Protect your assets and respond to threats against generation, transmission, and distribution systems — all in one place.

The Dragos Platform provides ICS defenders with unprecedented visibility of their assets and communications, knowledge of threats through intelligence-driven analytics, and prescriptive guidance via playbooks to investigate and respond to incidents.

EXPLORE THE DRAGOS PLATFORM
threat-analytics

Gain in-depth visibility of threats electric systems face.

Make global situational awareness part of your comprehensive security strategy with Dragos ICS Threat Intelligence. Receive pertinent reports via email or our online portal, and participate in live quarterly webinars with our deeply experienced team of ICS/OT intel analysts.

THREAT INTELLIGENCE
Manage icon

Attack electric sector cyber threats from all angles.

Dragos’ experienced Professional Services team can be dispatched to perform a variety of activities that allow you to fully understand your ICS environment, mitigate risks, and respond to threats confidently. Instructor-led ICS training classes are also available year-round.

PROFESSIONAL SERVICES
Quotation

The clear understanding Dragos has of the environment in which we operate allows us to cut through the hype around many potential industry vulnerabilities, so we can focus on the ones that matter most as we look after vital infrastructure and ensure supply to our customers.

National Grid

Known Activity Groups Targeting Electric Systems

The electric industry is a prime target for adversaries seeking to exploit industrial controls systems environments. An attack can happen at any point across the major stages of operations. To help protect your infrastructure, Dragos tracks eight activity groups targeting the electric sector and will continue to update this list as more information becomes available.

a token from CHERNOVITE has the capability to disrupt, degrade, and potentially destroy industrial environments and physical processes in industrial environments.
CHERNOVITE
since 2021
CHERNOVITE has the capability to disrupt, degrade, and potentially destroy industrial environments and physical processes in industrial environments.
ERYTHRITE adversary group trading card from Dragos
ERYTHRITE
since 2020
ERYTHRITE is an activity group that broadly targets organizations in the U.S. and Canada with ongoing, iterative malware campaigns.
KOSTOVITE adversary group PETROVITE trading card from Dragos
KOSTOVITE
since 2021
In March of 2021, the activity group KOSTOVITE compromised a renewable energy operator.
adversary group PETROVITE trading card from Dragos
PETROVITE
since 2019
PETROVITE demonstrates Stage 1 of the ICS Kill Chain capabilities and targets mining and energy operations in Kazakhstan.
STIBNITE
STIBNITE
since 2019
VPN compromise of IT networks to conduct reconnaissance
KAMACITE
KAMACITE
since 2014
Known to facilitate operations leading to disruptive ICS attack
TALONITE
TALONITE
since 2019
Focused on physical destruction and long-term persistence
Xenotime logo
XENOTIME
since 2014
Focused on physical destruction and long-term persistence
Electrum Icon
ELECTRUM
since 2016
Electric grid disruption and long-term persistence
dymalloy logo
DYMALLOY
since 2016
Deep ICS environment information gathering, operator credentials, industrial process details
Magnallium logo
MAGNALLIUM
since 2017
IT network limited, information gathering against industrial orgs
Raspite logo
RASPITE
since 2017
IT network limited, information gathering on electric utilities with some similarities to CHRYSENE
Parisite logo
PARISITE
since 2017
VPN compromise of IT networks to conduct reconnaissance
wassonite logo
WASSONITE
since 2018
IT compromise and information gathering
Allanite icon
ALLANITE
since 2017
Watering-hole and phishing leading to ICS recon and screenshot collection
Chrysene logo
CHRYSENE
since 2017
IT compromise, information gathering and recon against industrial orgs
View all Threat Group Reports

Cyber threats don't wait _

CONTACT US TODAY

Related Electric Resources

VIEW MORE
Datasheets
Electric Renewables
Industrial Strength Cybersecurity for Renewable Energy
View Data
Datasheets
Electric
Industrial Strength Cybersecurity for Electrical Substations
View Data
Datasheets
Australia Electric
Australian Energy Sector Cyber Security Framework (AESCF) Solution Brief
View Data
VIEW MORE

Events

MORE EVENTS

Join us on the frontlines with the latest webinars and events.

Webinars
Incident Response OT Cybersecurity
How to Prepare for Effective OT Incident Response Part 3

03.29.23

register
Webinars
Incident Response OT Cybersecurity
EU: How to Prepare for Effective OT Incident Response Part 3

03.29.23

register
Events
SIGS Special Event: OT Security Threats

03.30.23

Register Now
MORE EVENTS