In this 4-hour session, attendees will learn about cybersecurity risks unique to the solar energy industry. As solar energy penetration grows, these systems become both more critical to the reliability of the grid and a larger target for cyberattacks. These systems were not all designed and deployed for today’s threats, and adversaries are capable of changing their tactics swiftly. To train the renewable energy workforce to proactively think about the cyber risks and apply mitigations at their own organizations, the U.S. Department of Energy’s Offices of Cybersecurity, Energy Security, and Emergency Response (CESER) and Solar Energy Technology Office (SETO), in collaboration with Idaho National Laboratory (INL) and Sandia National Laboratories (SNL) have developed the CyberStrike STORMCLOUD training program, with versions of this training that focus on solar energy. Curriculum covers specific renewable energy cybersecurity incidents and emerging threats, and hands-on exercises mimic real-world adversarial and defensive scenarios for students. Topics include exploration of real-world incidents affecting solar energy assets, trends in vulnerabilities, malicious firmware updates, exploration and exploitation of web interfaces, network attacks, and brute forcing. Interested in attending or learning more? Click: here.
