3-Part Webinar Series:

Get highlights of new OT threat activity, vulnerabilities, and insights from frontline defense.

Skip to main content
Industries
Industrial Cybersecurity in the
Electric Grid Operations
Industry
http://dragos%20illustration%20representing%20Electric%20industry

Ransomware attacks against industrial organizations increased 50%.

Cyber threats continue to increase at an accelerating rate for the electric industry with impacts ranging from potential blackouts to safety events. Utilities facing these challenges cannot undertake the journey alone. Instead, they need to pursue partners and technologies, like Dragos, that support their operational needs and business objectives. By implementing internal network security monitoring (INSM) with the Dragos Platform, asset owners and operators can actively defend their industrial control systems with the world’s most robust ICS/OT cybersecurity technology and the largest team of practitioners who built it.
Case Study

Industrial Strength Cybersecurity for Electrical Substations

In recent years, there has been a continual rise in sophisticated cyber threats to electric grid infrastructure. with the intent of causing significant operational disruptions. Substations are critical components of the generation and transmission of electricity, making them a top target. Cyber attacks, if successful, can disconnect generation and transmission lines resulting in grid failures and widespread blackouts.
VIEW THE CASE STUDY
High voltage power transformer substation
an icon depicting cybersecurity. The green gradient icon has a square with a padlock in the middle and multiple arms

Visualize, Detect, and Respond to Threats against Your Operations

POMERANIA DISTRICT,POLAND - DECEMBER 8,2018: Aerial view of electricians working on electric poles to install and repair power lines.

Protect your assets and respond to threats against generation, transmission, and distribution systems — all in one place.

The Dragos Platform provides ICS defenders with unprecedented visibility of their assets and communications, knowledge of threats through intelligence-driven analytics, and prescriptive guidance via playbooks to investigate and respond to incidents.

EXPLORE THE DRAGOS PLATFORM
threat-analytics

Gain in-depth visibility of threats electric systems face.

Make global situational awareness part of your comprehensive security strategy with Dragos ICS Threat Intelligence. Receive pertinent reports via email or our online portal, and participate in live quarterly webinars with our deeply experienced team of ICS/OT intel analysts.

THREAT INTELLIGENCE
Manage icon

Attack electric sector cyber threats from all angles.

Dragos’ experienced Professional Services team can be dispatched to perform a variety of activities that allow you to fully understand your ICS environment, mitigate risks, and respond to threats confidently. Instructor-led ICS training classes are also available year-round.

PROFESSIONAL SERVICES
Quotation

The clear understanding Dragos has of the environment in which we operate allows us to cut through the hype around many potential industry vulnerabilities, so we can focus on the ones that matter most as we look after vital infrastructure and ensure supply to our customers.

National Grid

Known Activity Groups Targeting Electric Systems

The electric industry is a prime target for adversaries seeking to exploit industrial controls systems environments. An attack can happen at any point across the major stages of operations. To help protect your infrastructure, Dragos tracks eight activity groups targeting the electric sector and will continue to update this list as more information becomes available.

VOLTZITE threat group token
VOLTZITE
since 2017
Watering-hole and phishing leading to ICS recon and screenshot collection
a token from CHERNOVITE has the capability to disrupt, degrade, and potentially destroy industrial environments and physical processes in industrial environments.
CHERNOVITE
since 2021
CHERNOVITE has the capability to disrupt, degrade, and potentially destroy industrial environments and physical processes in industrial environments.
KOSTOVITE adversary group PETROVITE trading card from Dragos
KOSTOVITE
since 2021
In March of 2021, the activity group KOSTOVITE compromised a renewable energy operator.
adversary group PETROVITE trading card from Dragos
PETROVITE
since 2019
PETROVITE demonstrates Stage 1 of the ICS Kill Chain capabilities and targets mining and energy operations in Kazakhstan.
STIBNITE
STIBNITE
since 2019
VPN compromise of IT networks to conduct reconnaissance
KAMACITE
KAMACITE
since 2014
Known to facilitate operations leading to disruptive ICS attack
TALONITE
TALONITE
since 2019
Focused on physical destruction and long-term persistence
Xenotime logo
XENOTIME
since 2014
Focused on physical destruction and long-term persistence
Electrum Icon
ELECTRUM
since 2016
Electric grid disruption and long-term persistence
dymalloy logo
DYMALLOY
since 2016
Deep ICS environment information gathering, operator credentials, industrial process details
Magnallium logo
MAGNALLIUM
since 2017
IT network limited, information gathering against industrial orgs
Raspite logo
RASPITE
since 2017
IT network limited, information gathering on electric utilities with some similarities to CHRYSENE
Parisite logo
PARISITE
since 2017
VPN compromise of IT networks to conduct reconnaissance
wassonite logo
WASSONITE
since 2018
IT compromise and information gathering
Allanite icon
ALLANITE
since 2017
Watering-hole and phishing leading to ICS recon and screenshot collection
Chrysene logo
CHRYSENE
since 2017
IT compromise, information gathering and recon against industrial orgs

Cyber threats don't wait _

Join us on the frontlines with the latest webinars and events.

Event
Fortinet Accelerate 2024

MANDALAY BAY, LAS VEGAS

04.01.24 – 04.05.24

Event
DEEP608 V8.0

Madison, Wisconsin Monona Terrace

04.03.24 – 01.01.70

Event
Ritas with with Robert M. Lee

Houston, TX

04.09.24 – 01.01.70