Energy to fund 16 infrastructure cybersecurity projects 

The Department of Energy announced a $45 million investment into 16 projects dedicated to shoring up cybersecurity across the electric grid and other energy infrastructure, the agency announced Monday afternoon.

The project selections, which are spread across university research foundations and private sector firms, include investments into threat detection techniques and authentication systems that would make it more difficult for hackers to hijack power sources.

The funding is derived from the 2021 Infrastructure Investment and Jobs Act, according to the Energy Department’s office focused on cybersecurity, energy security and emergency response. The same funding mechanism was used in a recently unveiled White House cybersecurity effort to overhaul port and maritime infrastructure

The Cybersecurity and Infrastructure Security Agency designates energy as its own critical infrastructure sector. A sweeping implementation framework aimed at bolstering the nation’s cybersecurity posture asks the Energy Department to identify pilot projects for securing energy systems and refine industrial control systems to support engineers and technicians that work on securing energy infrastructure.

Energy sector cybersecurity has been top of mind for officials for several years but became a tangible threat in 2021 when Russia-linked ransomware hackers breached the infrastructure of a major fuel pipeline system run by Colonial Pipeline, forcing the company to shutter the pipeline operations for several days. The event was a wake-up call for federal officials who began establishing task forces and other entities to help prevent related incidents in the future. 

The Treasury Department sanctioned Iranian cyber operatives in early February for supporting a Tehran-backed hacking group’s infiltration into U.S. water infrastructure late last year. The hackers breached industrial water treatment equipment across multiple states, prompting mitigation advisories from officials.