Environment & Energy Report

Duke Energy Hit by 650M Cyber Attempts to Breach Systems in 2017

July 13, 2018, 6:07 PM

Duke Energy Corp. was hit by more than 650 million cyber attempts to breach the utility’s systems in 2017, the company’s executive in charge of cybersecurity said July 13.

“We fully recognize we are a high-value target for anyone who wants to do anything nefarious to critical infrastructure,” Brian Harrell, Duke’s managing director of Enterprise Protective Services, said at an event at George Washington University’s Center for Cyber and Homeland Security

“The fact that we have this statistic means that we are focused on it, we are looking at it, we are monitoring it, we’re penetrating our own system to ensure that we are moving the envelope,” said Harrell, who is also a senior fellow at the George Washington center.

“We’re trying to find the vulnerabilities before anyone else does, and I think that is the sign of a very mature program,” he added. He said the company is working closely with federal agencies including the Department of Homeland Security, the Department of Energy, and the Federal Bureau of Investigation.

Duke, one of the largest utilities in the world, spent $200 million on physical security upgrades for many electricity substations over the past 18 months, Harrell said. He said the utility also is investing “millions and millions” of dollars into its cybersecurity defenses.

Duke provides electricity to 7.6 million customers in six states in the Southeast and Midwest regions of the U.S. It owns nearly 50,000 megawatts of generation including nuclear, coal, oil, natural gas, and hydropower.

To contact the reporter on this story: Rebecca Kern in Washington at rkern@bloombergenvironment.com

To contact the editor responsible for this story: Rachael Daigle at rdaigle@bloombergenvironment.com

To read more articles log in. To learn more about a subscription click here.