CyberStrike STORMCLOUD: Hands-on Wind Cybersecurity Training

In this 4-hour session, attendees will learn about cybersecurity risks that should be prioritized for renewable energy stakeholders. Real-world cyberattacks affecting renewable energy assets and stakeholders are on the rise, with publicly disclosed events in the U.S., Europe, and across Asia. As IBR energy penetration grows, these systems become both more critical to the reliability of the grid and a larger target for adversaries. The complex controls and interfaces used to manage and control these devices were not all designed for today’s threats. To train the renewable energy workforce to proactively think about the cyber risks and apply mitigations at their own organizations, the U.S. Department of Energy’s Offices of Cybersecurity, Energy Security, and Emergency Response (CESER) and Solar Energy Technology Office (SETO), in collaboration with Idaho National Laboratory (INL), have developed the CyberStrike STORMCLOUD training program, with versions of this program that focus on wind energy. Curriculum covers specific renewable energy cybersecurity incidents and emerging threats, and hands-on exercises mimic real-world adversarial and defensive scenarios for students. Topics include exploration of real-world incidents affecting wind and other renewable energy assets, trends in vulnerabilities, network reconnaissance, backdoor accounts, replay and machine-in-the-middle attacks, and defense.
Interested in attending or learning more? Click here.