Skip to main content
close search
site logo
Dive Brief

Malware found in Entergy's corporate network raises MISO alert

Published Feb. 8, 2018
Robert Walton's headshot
Senior Reporter
Getty

Dive Brief:

  • Malware discovered on Entergy's corporate network has been removed, but the discovery compelled the regional grid operator to raise its own threat level in response to the news.
  • Around noon on Tuesday, the Midcontinent ISO implemented a "System Status Level 2 ORANGE," explaining that Entergy "has been impacted by Malware," reducing the utility's connection to some MISO systems.
  • Entergy said the the malware had only impacted its corporate network and some employee devices, and was not connected to the utility's operational systems. While there was some impact on customers' ability to access their accounts, there was no chance that nuclear plants or Entergy's transmission network would have been impacted.

Dive Insight:

The malware has been eradicated and MISO has dropped its threat level back to 0, or Green, but the event is a reminder of threats the utility industry faces and demonstrates how seriously they are taken.

Entergy said there is no evidence customer data was compromised, though customers did experience slower network responses when logging into their account.

"The systems used to operate Entergy’s nuclear and other power plants, transmission and distribution systems are on separate networks, and are not impacted by this issue," the company said.

Despite that, MISO said the malware had led to "limiting access to their users which limits their ability to connect to some MISO systems. At this time MISO has full visibility and functionality. Entergy has no connection to Crow or MISO Citrix."

Entergy is currently investigating the incident. 

Three years ago, a cyberattack on Ukraine resulted in widespread power outages. Since then, the power sector has been bolstering its defenses. Last year, more than 6,000 individuals participated last week in a simulated attack on the power grid in an exercise held once every two years by the North American Electric Reliability Corp.

The Electricity Information Sharing and Analysis Center, the group within NERC that held the GridEx attack simulation, has also been investing millions to upgrade its online systems where utilities can report threats. According to E&E News, E-ISAC will double its number of employees in the next five years. 

Most utility executives in North America believe a cyberattack is likely in the next few years. According to a Utility Dive survey of utility professionals last year, cyber and physical grid security is now the most pressing issue facing the industry.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
Utility Broadband Alliance 2024 Summit & Plugfest Shatters Attendance Milestone
From Utility Broadband Alliance
November 21, 2024
General Atlantic’s BeyondNetZero Fund and TA Partner to Drive Continued Growth of Technosylva
From Technosylva
November 21, 2024
Puget Sound Energy Maximizes Consumer Participation in Rates Engagement Pilot Powered by Uplig…
From Uplight
November 12, 2024
Edo and EPRI Earn Award from the California Energy Commission (CEC) to Advance VPPs
From Edo
October 31, 2024
Editors' picks
Latest in Transmission & Distribution
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell