Practical training for energy sector owners and operators
Today’s critical infrastructure—powered by motors, pumps, substations, and valves—is operated remotely by connection to the internet, making it vulnerable to cyberattacks. Hackers have already demonstrated the ability to disrupt power to hundreds of thousands of homes by remotely manipulating operational technology (OT).
OT systems manage essential services like electricity, water, and telecommunications, but many were built before the internet and lack modern security features.
To help mitigate cyber threats, the U.S. Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response (CESER), in collaboration with Idaho National Laboratory, created the CyberStrike training program. It equips energy sector operators to better defend OT systems against cyber incidents.
Workshops
LIGHTS OUT (Electric Sector)
The CyberStrike LIGHTS OUT workshop helps energy sector operators prepare for cyber incidents targeting industrial control systems. Participants engage in a hands-on simulation based on real-world attacks, including the 2015 and 2016 Ukraine power grid incidents.
NEMESIS (All Sectors)
The CyberStrike NEMESIS workshop builds on LIGHTS OUT by exploring advanced tactics used by top-tier cyber adversaries targeting industrial control systems.
SHADOW VALVE (ONG Sector)
The SHADOW VALVE workshop, a counterpart to LIGHTS OUT, is tailored for the oil and natural gas sector. It features hands-on exercises using a control program for oil and gas separation instead of electric systems.
STORMCLOUD (Alternative Energy Sector)
The CyberStrike STORMCLOUD training workshop was designed to enhance the ability of energy sector owners and operators to prepare for a cyber incident impacting control systems associated with alternative energy technologies.
FORENSIC ANALYSIS (Technical Analysts)
The FORENSIC ANALYSIS workshop challenges participants to investigate cyberattack scenarios by analyzing logs, network traffic, malware, and suspicious files—building skills to better protect ICS assets and networks.
Continuing Education Units
CyberStrike is accredited to issue IACET Continuing Education Units. Trainees will be granted continuing education units credit upon completion of each of the CyberStrike training workshops.
Disclaimer: Training personnel do not discriminate based on race, color, religion, national origin, sexual orientation, physical or mental disability, or gender expression/identity. Additionally, they do not possess proprietary interest in any product, instrument, device, service or material discussed in this course.
Sponsor and Participating Organizations
Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER), Solar Energy Technologies Office (SETO) and Wind Energy Technologies Office (WETO) address the emerging threats of tomorrow while protecting the reliable flow of energy to Americans today by improving energy infrastructure security and supporting the Department of Energy’s national security mission.
Idaho National Laboratory is a world leader in providing industrial control system (ICS) cybersecurity workforce training and development. The laboratory’s distinctive history in protecting critical infrastructure systems puts the lab at the forefront of thought leadership and applied innovation in critical infrastructure cybersecurity education. INL uses a comprehensive approach to developing ICS cybersecurity training programs that can be tailored to meet the energy sector’s needs identified by the DOE, utilities and other organizations.
For more information contact, [email protected] or send your question to National Security Communications.