Good day. A Trump administration directive to cut reliance on foreign suppliers aims to protect the power grid from Chinese and Russian threats. But, as WSJ Pro Cybersecurity’s David Uberti reports, power companies aren’t sure how to respond to the proposed new rules.
Other news: Veterans Administration hack; “vishing” attack at Michigan health-care system; dossier database linked to Chinese intelligence; medical-security startup gets $30 million in Series B funding.
Power companies brace for supply chain shake-up from new cyber rules. A Trump administration executive order on May 1 to cut reliance on suppliers from countries like China leaves in a lurch power companies that rely on global supply chains for equipment, company officials and lawyers say. Some firms in recent weeks have urged the Energy Department to clarify its new restrictions as the agency prepares to roll out rules this fall.
Many U.S. power companies rely on foreign vendors for equipment like transformers and turbines, as well as component parts in such products. Company officials and lawyers say that rejiggering those supply chains and replacing existing parts or contracts could take time and money.
“The industry has significant concern over the outcome from [the Energy Department] regarding replacement of assets already in production and how that will be funded,” said Steve Swick, chief security officer for American Electric Power Co.
Federal officials have held virtual meetings and issued guidance to clarify the types of equipment under scrutiny, such as transformers, capacitors and circuit breakers. The list of adversaries includes China, Cuba, Iran, North Korea, Russia and Venezuela.
Read the full story.
Real Life. Real News. Real Voices
Help us tell more of the stories that matterBecome a founding member
More Cyber News
Hack at VA exposed data about 46,000 U.S. military veterans. A financial app was breached at the U.S. Department of Veterans Affairs in an attempt to divert payments intended for medical providers. The VA’s statement didn’t say whether the attackers were successful. They used a combination of hacking tools and social engineering techniques to gain access to the system, said the VA, which is notifying affected individuals or their next of kin. The U.S. Department of Health and Human Services is investigating the incident.
Michigan health-care provider warns patients about scam calls. Scammers posing as employees of Spectrum Health System are calling patients to collect personal information, the Grand Rapids, Mich.-based health-care system said in a statement on its website. The so-called vishing schemes, named for their similarity to phishing email but by voice, are pressuring patients to reveal data about themselves or their devices, or to make payments, Spectrum Health said. “These are not the type of questions our employees would ask in a legitimate phone call from Spectrum Health or Priority Health,” said Scott Dresen, senior vice president and chief information security officer.
Dossier database linked to Chinese intelligence. China-based information-gathering firm Zhenhua Data has amassed a database with details about 2.4 million individuals world-wide, Computing reports. The data appear to have been collected from publicly accessible sources, such as Twitter and Facebook, and contain profiles of 52,000 Americans, 35,000 Australians and others, as well as 650,000 organizations. A U.S. professor who had worked at Peking University in China received a copy of the database and said Zhenhua Data does work for China’s government, according to ABC News in Australia. Zhenhua Data didn’t response to the broadcaster’s request for comment.
Medigate cybersecurity startup raises $30 million. New York-based Medigate, which secures medical devices and health-care networks, closed a Series B round of funding led by Partech Ventures, with Maor Investments, YL Ventures, U.S. Venture Partners and Blumberg Capital, Forbes reports.
Subscribe to the newsletter news
We hate SPAM and promise to keep your email address safe