
Kaspersky NERC Alert: Free Verification Tool

In response to the recent NERC Alert, GridSME compiled a tool that offers a relatively quick way of identifying whether Kaspersky software is on a system, or of verifying that Kaspersky is no longer installed after using their product removal tools. The tool recursively hashes the contents of the directory you point it at and compares each file hash to the NIST NSRL database of known Kaspersky file hashes, which is included in the zip archive available for download below. It can also be used “offline” by supplying a txt hash input list that is then compared to the NSRL database.
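The approach described above, as an added sketch that is not GridSME's tool or code: it walks a directory, hashes each file, and checks the digest against a reference set, with a separate offline comparison of a pre-collected digest list. It assumes SHA-1 digests and a reference file with one hex digest per line (the page does not describe the format of the bundled NSRL data); all function names and sample data are hypothetical.

```python
import hashlib
import os
import tempfile

def load_hashes(path):
    """One hex SHA-1 per line (assumed format); blank and '#' lines are skipped."""
    with open(path, encoding="utf-8") as fh:
        return {s for s in (ln.strip().lower() for ln in fh) if s and not s.startswith("#")}

def sha1_file(path, chunk=1 << 20):
    digest = hashlib.sha1()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def scan_tree(root, known):
    """Return (matches, unreadable). Unreadable files are reported, never treated as clean."""
    matches, unreadable = [], []
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: unreadable.append(e.filename)):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                if sha1_file(full) in known:
                    matches.append(full)
            except OSError:
                unreadable.append(full)
    return sorted(matches), unreadable

def scan_offline(hash_list_path, known):
    """Offline mode: intersect a pre-collected digest list with the reference set."""
    return sorted(load_hashes(hash_list_path) & known)

def demo():
    """Constructed sample: two files, one of which is on a constructed reference list."""
    a, b = b"constructed sample A", b"constructed sample B"
    with tempfile.TemporaryDirectory() as tmp:
        sub = os.path.join(tmp, "scan", "sub")
        os.makedirs(sub)
        for name, data in (("flagged.bin", a), ("other.bin", b)):
            with open(os.path.join(sub, name), "wb") as fh:
                fh.write(data)
        ref = os.path.join(tmp, "reference.txt")
        with open(ref, "w", encoding="utf-8") as fh:
            fh.write("# constructed list\n" + hashlib.sha1(a).hexdigest().upper() + "\n")
        matches, unreadable = scan_tree(os.path.join(tmp, "scan"), load_hashes(ref))
        return [os.path.basename(m) for m in matches], unreadable

if __name__ == "__main__":
    print(demo())
```

When verifying removal, an empty match list only counts if the unreadable list is also empty, since a file that could not be opened was never compared.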

DISCLAIMER: By downloading this tool, user agrees and accepts that GridSME grants no express or implied warranty or guarantee of any kind, including, but not limited to, warranty of quality, merchantability, or fitness for a particular use or purpose. GridSME makes no representations as to the effectiveness of the tool. GridSME is not liable for any damage this tool may cause to your systems. While GridSME tested and verified the usage of this tool on its own systems, scanned with anti-virus tools, and provided integrity verification methods, GridSME strongly recommends that users take the appropriate precautions before introducing it into any critical or production environment to ensure both security and compliance requirements are upheld.

If you have any questions about the NERC Alert, mitigation strategies, or need help using the tool, don’t hesitate to reach out to security@gridsme.com

Instructions

Tool download

Signature verification

GridSME to feature at PV O&M USA 2017
October 9, 2017

We’re excited to announce that GridSME team members Matt Barnes and John Franzino will be joining the likes of EDF, 8minutenergy, PG&E, Nautilus Solar, RES, Lendlease, MidAmerican, and many more at PV O&M USA 2017.

Matt will be exploring the business case and revenue streams for solar+storage projects with a panel of industry experts.

John will be explaining how to leverage available data to drive cyber security decision making for PV facility operations.

More information on the event, agenda, speakers, and attendees can be found here.

If you are interested in attending the 4th Annual PV O&M USA 2017 conference & exhibition this Nov 2-3 in San Jose CA, GridSME has a $200 discount code (GRIDSME200) for affiliates to utilize. To register at this rate, members need only quote the code when they register online or message Kerr Jeferies directly at kerr@newenergyupdate.com ahead of Oct 27 to secure this discount before the early bird rates also expire.

The Recent Attacks on U.S. Nuclear Plants – Perspective for Your Environment

Throughout the first two weeks of July, news articles with sensational headlines warning of cyber attacks targeting nuclear plants were found throughout news outlets across the world. Keen readers may have noticed some parallels between those articles and the recent NERC Alert regarding the advanced persistent threat (APT) detected by the FBI and DHS—if you assumed both were describing the same threat, you were right.

So if the threats are credible, and they are in fact targeting nuclear plants on U.S. soil, why shouldn’t you be freaking out just yet?

Read the full post here.

NERC Alert – Advanced Persistent Threat – Remediation Recommendations

When it rains, it pours—and it’s pouring in the cyber security world right now. Below is the first of many detailed cyber security recommendations and implementation guidelines we are releasing to help raise awareness, share information, and collectively improve our security posture as an interconnected grid. We are taking these threats seriously and we hope you are too.

An advanced persistent threat (APT) has been identified by the FBI and DHS, and documented in both a Joint Analysis Report (JAR) and the NERC Alert issued June 30, 2017.

Read the full post here.

NERC Alert – Crash Override – Challenging Beliefs

A NERC Alert issued June 13, 2017 advises on the Crash Override malware found to be behind the December 2016 attack on the Ukrainian power grid. While the NERC Alert provides many great details on the malware’s technical characteristics, the fact of the matter is Crash Override is among the most sophisticated ICS-specific malware variants ever detected, with the ability to “cause loss of visibility, loss of control, manipulation of control, interruption of communications, and deletion of local and networked critical configuration files.” Perhaps most concerning is the malware’s ability to be easily tailored to specific ICS environments, communication protocols, and devices.

This type of sophisticated malware forces us to rethink some common predisposed cybersecurity beliefs:

Read the full post here.

Curtailment Mitigation Strategies
June 14, 2017

Curtailments and energy imbalances can be costly for any generator, whether you are a new market entrant, such as solar PV, or an industry veteran, such as hydro. Generators used to be able to set it and forget it when it comes to scheduling and operations. There may have been a rare occurrence when the CAISO instructed your generator to curtail through an exceptional dispatch. And the occasional forced outage was inevitable, but nothing to fret over. However, more recently, generators are experiencing frequent instances of curtailment, and greater imbalance uncertainty due to the more intermittent profile of the generation fleet and higher market price volatility.


NERC Report on August 2016 Solar PV Disturbance

On June 8th, NERC issued a report that stemmed from a joint NERC/WECC investigation into the loss of solar generation that occurred on August 16, 2016 resulting from line faults due to a nearby wildfire. “By the end of the day, the SCE transmission system experienced thirteen 500 kV line faults and the LADWP system experienced two 287 kV faults … four of these fault events resulted in the loss of a significant amount of solar photovoltaic (PV) generation” including a “single loss of nearly 1,200MW.”

GridSME Works to Enhance the Energy Storage Movement
June 6, 2017

GridSME is excited to work with many of the industry’s leading developers in the emerging energy storage space. Our team collaborates with clients on detailed analyses of standalone storage installations and combined “generation + storage” projects.

From a feasibility analysis perspective, GridSME evaluates the technical characteristics of an existing generation facility or proposed new facility to determine the optimal configuration and operation of integrating an energy storage resource. Additionally, GridSME evaluates the economic considerations and constraints associated with the facility, such as the PPA terms, interconnection requirements, and go-to-market considerations. We emphasize the need for developers to be cognizant of the technical and economic aspects of integrating energy storage with existing or new generation facilities (e.g., Solar/Wind + Storage).
