Three agencies team on cyber defense of energy infrastructure

Three agencies with stakes in protecting critical energy infrastructure renew their efforts to develop cyber threat protections.

The Departments of Energy, Homeland Security and Defense have extended their joint effort to develop common cyber threat indicators and cyber defense capabilities to protect critical infrastructure in the energy sector.

The agencies signed a new memorandum of understanding to develop common, cross-agency threat data and to collaborate on cyberattack response playbooks for energy infrastructure stakeholders. The MOU extends the Pathfinder information sharing effort for critical infrastructure sectors among the agencies begun in 2018.

"Through this agreement, we will strengthen the partnership between DOE, DHS, and DOD to enable intergovernmental cooperation and bolster our ability to proactively address cyber threats to critical energy infrastructure, and to respond effectively should those threats materialize," Karen Evans, DOE's assistant secretary of cybersecurity, energy security and emergency response, said in a Feb. 3 statement.

Bryan Ware, assistant director for cybersecurity at DHS' Cybersecurity and Infrastructure Security Agency, said the agreement will help develop threat indicators and warnings that can cross multiple national critical functions, enhance cyber threat information sharing and expedite response.

Kenneth Rapuano, assistant secretary of defense for homeland defense and global security, said the energy sector Pathfinder effort "is a priority initiative" at DOD.

Sharing threat information among government agencies and critical infrastructure providers has become urgent in the wake of recent military confrontations and cyber threats from not only Russia and China, according to experts, but particularly from Iran. The U.S. government is a keystone in defense of the mostly commercially owned energy sector infrastructure.

In an increasingly dangerous global cyber environment, privately owned U.S. energy infrastructure could bear the brunt of a possible Iran-backed retaliatory cyberattack in the wake of the U.S. killing of Iranian Gen. Qassem Soleimani in January, according to a top military cyberspace officer.

U.S. military strikes against nation-state officials in retaliation for cyberattacks on U.S. infrastructure, said Gregg Kendrick, executive director, Marine Corps Forces Cyberspace Command, could bring consequences to private-sector energy infrastructure networks.

Kendrick and others on the panel at a Feb. 4 critical infrastructure conference agreed that Iran has historically taken a long view of retaliation and that the U.S. energy critical infrastructure remains in the country's crosshairs.

"The U.S. government networks are actually pretty well defended" against those attacks, he said. "It would really go against the business side."

NEXT STORY: Data exchange and cybersecurity