GM 24 Tutorial - CyberStrike STORMCLOUD: Hands on Cybersecurity Training for Renewable Energy (Slides)

As renewable energy penetration grows, these systems become both more critical to the reliability of the grid and a larger target for cyberattacks. These systems were not all designed and deployed for today’s threats, and adversaries are capable of changing their tactics swiftly. Hacking organizations around the world have already proven that they can turn off electricity to hundreds of thousands of homes by remotely accessing and changing the command settings of operational technology, and events in recent years have demonstrated both intentional and unintentional targeting of renewable energy providers and equipment. To train the renewable energy workforce to proactively think about the cyber risks and apply mitigations at their own organizations, the U.S. Department of Energy’s Offices of Cybersecurity, Energy Security, and Emergency Response (CESER) and Solar Energy Technology Office (SETO), in collaboration with Idaho National Laboratory (INL) and Sandia National Laboratories (SNL) have developed the CyberStrike STORMCLOUD training program. Curriculum covers specific renewable energy cybersecurity incidents and emerging threats, and hands-on exercises mimic real-world adversarial and defensive scenarios for students.