Energy Industry Technology Trends for 2018

More than at any other time, technology is having a tremendous impact on the energy industry. Some of the major trends are in areas we’re familiar with, yet the level of activity has increased dramatically.

We see energy providers increasingly turning to information and communications technology to modernize the grid and improve situational awareness, with the goal of further maximizing the use of operational assets and optimizing the energy value chain. With specific expertise in these areas, we at Intel, along with our energy industry partners, are focused on the following technology trends for 2018:




1. Costs for Solar and Wind Power Continue to Fall

In a growing number of countries, it has now become more economical to install solar and wind capacity than coal capacity. It is estimated that more than 30 countries have already reached grid parity without subsidies, and around two thirds of the world should reach grid parity in the next couple of years, according to the World Economic Forum.


2. Governments Invest in Green Energy

Countries are making green investment pledges to raise more money for climate action, as seen by commitments made at the Paris Climate Accord and the “One Planet” summit in Paris. Some of these efforts will drive the gasification of the coal industry in the short term and the growth of utility-scale solar and wind generation (off-shore and on-shore) in the long term to reduce the emission of pollutants.


3. Utility Companies Add Batteries to the Grid

Lithium-ion batteries are now a viable option to store energy on the grid, enabling utility companies to take full advantage of renewable energy sources despite their variable, intermittent output. One example is San Diego Gas & Electric (SDG&E), which deployed a 30 MW lithium-ion battery system, capable of storing 120 MWh of energy and serving 20,000 customers for four hours.


4. Electric Vehicle Momentum Accelerates

A lack of ubiquitous and fast charging stations has caused potential electric vehicle (EV) owners to defer their purchase, as they may not consider an EV a replacement for their gasoline-powered car. Some automakers and utilities see this as a big opportunity and plan to significantly increase the number of vehicle charging stations. Four automakers started a joint venture, called Ionity, with plans to install a network of 400 high-power EV chargers across Europe by 2020; and French utility Engie bought Dutch EV-Box, one of Europe’s biggest makers of charging stations.

With EV charging destined to be a huge business opportunity, operators are trying to figure out how best to compete in what will be a fiercely competitive market. This requires data collected on EVs (e.g., charge times, tire pressure, and vehicle performance), and on consumer behavior and preferences. Early on, some operators may even give consumers free charges in order to get them to opt into data collection programs. Data privacy will be a critical regulatory consideration.

As EVs become more popular, the future of gas-powered vehicles is dimming, as countries such as China and France ready plans to end sales by around 2040. Even sooner, the Paris authorities plan to banish all petrol- and diesel-fueled cars from the city by 2030. This movement will fuel higher technology investment in EVs and charging stations.


5. Energy Production Gets Consumerized

A number of businesses and consumers already have solar panels on rooftops, and microgrids are emerging to give them more control over how they produce, consume, and sell energy. This is a way for companies and homeowners to become their own utility. One example is the Indian government, which is planning to build at least 10,000 renewable-based micro- and mini-grid projects across the country, with the goal of making electricity more reliable for consumers.


6. Distributed Generation Will Improve Grid Reliability

Utilities will integrate into their forecasts the output of distributed energy resources (DERs), including distributed generation, distributed storage, electric vehicles, demand response, and microgrids. To maintain the reliability of the grid, it is critically important to monitor all these DERs in order to accurately forecast and respond to changes in energy production and demand. With more active grid management, the variability of renewable generation, unplanned outages, unbalanced networks, and excessive peak demand will be addressed using intelligent real-time analytics rather than brute-force equipment uprating.


7. Utility Companies Deploy Their Own Communication Networks

Looking to reduce telco costs and have a dedicated control network, some utility companies will consider deploying their own 5G networks. These networks would also allow utility companies to collect their own data wirelessly and generate revenue by selling bandwidth to content providers offering services to the home. Power-line communication (PLC), which sends data over existing power cables and is most suited to densely populated areas, has been used for similar purposes. The combination of PLC and 5G will become an attractive option for utility private communication networks, supporting all their operational and business needs.

In my next blog, I will discuss how new technologies such as the Internet of Things (IoT), real-time networking, virtualization, and deep learning adapted to the grid environment can be designed and deployed to better address these trends.



Source: Network News

Wi-Fi Cloud 8.5 Now Available

We are happy to announce the availability of Wi-Fi Cloud 8.5. This latest version of the Wi-Fi Cloud simplifies configuration steps for IT administrators, enhances Wi-Fi service quality in environments with multiple access points (APs) using automatic power optimization, and adds a new cloud integration mode for the AP420 to better support large WIPS sensor overlay deployments. 

Automatic Transmit Power Control (TPC)

  • WatchGuard access points managed by the Wi-Fi Cloud automatically adjust their transmit power to optimum levels to avoid interference with each other, which provides a better quality of service for connected users. The new feature requires background scanning to be enabled for 2-radio APs (AP120, AP320, AP322) and is automatically supported with 3-radio APs (AP420).

Consolidated AP Configuration Template

  • All WatchGuard access point models are now managed with a single AP (device) template in the Wi-Fi Cloud. All device types will be managed through a single configuration within the template, instead of having a separate configuration for each device type. Unique, model-specific attributes are managed with the consolidated template and only used by the AP model to which they apply, saving administrators valuable time.

Cloud Integration Point (CIP) mode for AP420 only

  • As a reminder, WatchGuard APs can be installed (overlaid) alongside any brand of Wi-Fi access point and configured as WIPS sensors to add additional security protection to an existing Wi-Fi network without having to rip and replace the existing 3rd party APs. 
  • Supported on the AP420, CIP makes managing larger WIPS sensor overlay deployments easier on administrators by integrating with Cisco, Aruba, and HP Wi-Fi controllers to enable Wi-Fi Cloud to fetch information on devices managed by the 3rd party controller. The Wi-Fi Cloud can use this information for Wireless Intrusion Prevention System (WIPS) classification and location tracking of devices.
  • Integration with Enterprise Security Management servers enables Wi-Fi Cloud to send events and audit logs to these servers, so administrators can use their existing infrastructure to manage Wi-Fi Cloud events and logs.
  • For more information on configuring CIP mode, read our knowledge base article.

Access points with active Wi-Fi Cloud subscriptions will need to have their firmware upgraded to 8.5 to leverage these new features. If an automatic firmware upgrade schedule is configured in your Wi-Fi Cloud account, your APs will automatically be upgraded; otherwise, please read our help article on updating AP firmware in Wi-Fi Cloud.

When WatchGuard APs are managed with the Wi-Fi Cloud you get strong set-up, management and reporting features including:

  • Wireless Intrusion Prevention System (WIPS) delivering the strongest security with advanced patented Marker Packet™ technology to:
    • Automatically and accurately identify wireless devices on your network and neighboring APs external to your network
    • Detect and prevent rogue APs
    • Detect and prevent man-in-the-middle, evil twin, and honeypot attacks
  • Engaging guest portal experiences
  • Powerful location-based analytics
  • Ability to go from 1 to unlimited access points with no controller infrastructure


Source: WatchGuard

WTB: Tax Identity Theft Awareness Week

The intelligence in this week’s iteration discusses the following threats: APT, Cryptocurrency miners, Phishing, Ransomware, Remote Access Trojan, Targeted attacks, Tax-related malicious activity, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity.

Trending Threats

Tax Identity Theft Awareness Week (January 29, 2018)
The United States Computer Emergency Readiness Team (US-CERT) has issued a statement regarding “Tax Identity Theft Awareness Week,” which runs January 29 through February 2. The U.S. Internal Revenue Service (IRS) and other federal agencies are offering information and resources on tax-related threats and scams.

VERMIN: Quasar RAT and Custom Malware Used In Ukraine (January 29, 2018)
A new Remote Access Tool/Trojan (RAT) dubbed “Vermin” has been observed being used by threat actors in combination with the “Quasar” RAT in a campaign that dates back to late 2015, according to Palo Alto Unit 42 researchers. The Vermin RAT is being distributed via malicious Self Extracting (SFX) executables, some of which will display documents that are themed after the Ukrainian Ministry of Defense as Vermin before continuing to execute the RAT. Vermin is capable of stealing various information from an infected machine such as architecture, OS name, local IP address, machine name, and username. Researchers note that Vermin is also capable of installing a keylogger if the malware does not detect an antivirus software on the machine.

Keylogger Campaign Hits Over 2,000 WordPress Sites (January 26, 2018)
Approximately 2,000 WordPress-powered websites have been found to be infected with a keylogger on the backend administrator login page, according to security researchers. On the front end, researchers observed an in-browser cryptocurrency miner. Threat actors are targeting older versions of WordPress, or sites using older themes and plugins that are still vulnerable to known exploits, to inject code into the Content Management System source code. Researchers found that actors are injecting malicious code in two parts, the first being the keylogger hosted on a third-party domain, and the second being the JavaScript Monero miner “Coinhive.”

OilRig Uses RgDoor IIS Backdoor on Targets in the Middle East (January 25, 2018)
The Advanced Persistent Threat (APT) group “OilRig” has been observed using a new Internet Information Services (IIS) backdoor dubbed “RGDoor,” according to Palo Alto Unit 42 researchers. Researchers believe that OilRig installs RGDoor on a compromised web server to function as a secondary backdoor in case a “TwoFace” webshell used by the group is discovered. At the time of this writing, researchers do not have any HTTP logs that show OilRig interacting with RGDoor; however, researchers did find that RGDoor is written in the programming language C++. This means the backdoor is built as a Dynamic Link Library (DLL), inside of which researchers found a function named “RegisterModule.” This led researchers to believe that the DLL was “used as a custom native-code HTTP module that the threat actor would load into IIS.”

Large Scale Monero Cryptocurrency Mining Operation using XMRig (January 24, 2018)
Palo Alto Networks Unit 42 researchers have discovered a significant cryptocurrency mining campaign that is primarily targeting individuals in Asia, northern Africa, and South America. Researchers believe that as many as 30 million people have been infected with the open-source cryptocurrency mining software “XMRig,” which is used to mine “Monero.” Threat actors are using Visual Basic Script (VBS) files and URL shortening services to install and execute the XMRig payload. Researchers observed that the actors are presenting users with links from a URL shortening service (one that pays the URL owner every time the URL is clicked) that will automatically download XMRig onto the machine.

Lazarus Campaign Targeting Cryptocurrencies Reveals Remote Controller Tool, an Evolved RATANKBA (January 24, 2018)
The Advanced Persistent Threat (APT) group “Lazarus Group” has been observed conducting a new campaign with the objective of stealing cryptocurrencies, according to Trend Micro researchers. The specific cryptocurrencies Lazarus Group is targeting are Bitcoin (BTC) and Ant Share (NEO). To target cryptocurrencies, the group is distributing lure documents such as Microsoft Office documents with malicious macros, Microsoft Compiled HTML Help (CHM) files, and script downloaders to infect users with a new version of the “RATANKBA” backdoor. RATANKBA is able to receive and execute commands and steal data from an affected machine. RATANKBA has been observed transferring shares of NEO to a different wallet, as well as mining NEO on an infected machine. This version of RATANKBA is written in PowerShell to make it more difficult to detect.

New Hide ‘N Seek IoT Botnet Using Custom-Built Peer-to-Peer Communication Spotted in the Wild (January 24, 2018)
A new Internet-of-Things (IoT) botnet, dubbed Hide ‘N Seek (HNS), has been observed infecting devices beginning in January 2018, according to Bitdefender researchers. The botnet was first observed January 10 and slowly ceased activity over the next several days. Researchers then observed HNS on January 20 and noticed that its creators had “significantly improved” it. HNS spreads like a worm via a technique that randomly generates IP addresses to identify possible targets. In addition, HNS can conduct web exploitation via the “Reaper” exploit, registered as CVE-2016-10401. Furthermore, HNS is capable of stealing data and executing arbitrary code on an affected device.

Severe Electron Framework Vulnerability Impacts Apps Like Skype and Slack (January 23, 2018)
Researchers have discovered that the application development framework “Electron” is affected by a remote code execution vulnerability. The vulnerability, registered as “CVE-2018-1000006,” affects Electron applications only if they are running on Windows and “register themselves as the default handler for a protocol like myapp://.” macOS and Linux applications are not affected by this vulnerability. Some popular applications that are affected by this vulnerability are Discord, Signal, and Skype.

desuCrypt Ransomware in the Wild with DEUSCRYPT and Decryptable Insane Variants (January 22, 2018)
Researchers have discovered that two variants of the open-source ransomware project “desuCrypt” are currently being used in the wild. The variants are named after the file extensions they append to encrypted files: one appends .insane and the other .DEUSCRYPT. Researchers do not note how the ransomware is infecting its victims; however, Michael Gillespie, the creator of ID Ransomware, has managed to create decryptors for both variants.

SamSam – The Evolution Continues Netting over $325,000 in 4 Weeks (January 22, 2018)
Cisco Talos researchers and Incident Response Services have published a report discussing a new variant of the “SamSam” ransomware. SamSam has targeted multiple industries including government, healthcare, and Industrial Control Systems. This variant’s encryption process is the same as in previous versions; however, the actor(s) behind the malware have added new string obfuscation and anti-analysis techniques to make detection more difficult. Researchers note that the infection vector for this SamSam variant is currently unknown and that investigation into the matter is ongoing. However, researchers do note that SamSam targeted JBoss hosts in 2016, and that in this campaign the actor(s) may have used compromised RDP/VNC servers to gain an initial foothold.

Source: Honeypot Tech

Coming Soon! – Fireware 12.1.1 Beta with DNSWatch

Fireware 12.1.1 and DNSWatch
Recently WatchGuard announced the acquisition of Percipient Networks, a developer of an easy-to-deploy, security-focused Domain Name System (DNS) service, previously known as Strongarm. We’re excited to announce that the first step in the integration of their solution will take place this week when we release the Fireware 12.1.1 Beta. The new service, DNSWatch, monitors outbound DNS requests and blocks traffic to websites based on a list of known malicious domains. 

More than just a filter, DNSWatch was architected to facilitate maximum user and IT admin education. Rather than just blocking traffic to potentially malicious sites, the service redirects users to a ‘blackhole’ where additional information about the attack is collected, and the user is presented with educational materials aimed at preventing future attacks. Just like APT Blocker, the service will be super simple to configure just by checking a box. We’ll take care of the necessary DNS forwarding and Dynamic DNS for changing IP addresses. 

Sounds great, where do I get it? 
This will be a public Beta, open to all users and we expect it to be available to all by Feb 2nd. If you have not participated in a WatchGuard Beta before, you can sign up at our support page. We’ll also email all previous Beta testers about the new opportunity. We’ll have more information about the service and some other features in 12.1.1 at the Beta site. 

How do I get a license?
This week, we will add the service to the feature key of all Not for Resale (NFR) units used by our partners, so we expect to see some great Beta participation from our partner community. Users that wish to participate in the Beta of the new DNSWatch service can use the free trial option that is now available at the product details page for all Firebox appliances. Before we GA Fireware 12.1.1 in mid-March, we will add DNSWatch to the feature key for all appliances with a current TotalSecurity Suite. 


Remember that we are still a couple of days away from the Beta. Please don’t contact WatchGuard yet about getting software or feature keys in the NFR. 


– Brendan



Source: WatchGuard

Smart Building Technology Trends for 2018

In 2018, smart building technologies that increase energy efficiency will continue to be at the top of the list for building managers and tenants. These technologies can generate a solid ROI by lowering utility bills, making the investment easier to justify.

In addition to energy management, there is growing demand for solutions to address new government initiatives, and integrated security and safety systems. These requirements will help the global Internet of Things (IoT) for intelligent buildings market to grow at a compound annual growth rate (CAGR) of 15.0 percent, from $6.3 billion (USD) in 2017 to $22.2 billion in 2026, according to a Navigant Research forecast.

Once this infrastructure is in place, what else can you do with it? Improving asset management and increasing occupant comfort can often piggyback on the investments made to curb energy usage. Intel, along with our partners, sees the industry finding synergistic ways to use smart building technology. Here are some technology trends we’re following in 2018:




1. The next wave of energy efficiency is coming

Early investments in smart building technology focused on the low hanging fruit, like upgrading HVAC units and transitioning from incandescent and fluorescent bulbs to LED lighting. Now, organizations are going to the next level with room-by-room lighting control, dynamic temperature control, pre-heated/pre-cooled buildings based on traffic, and other fine-tuning measures. Energy management solutions will incorporate more sensing technology and integrate multiple data sources to improve decision making. With the transition to LED lighting, organizations are going further than bulb replacement, adding building intelligence via sensors mounted in lighting fixtures. The sensors can connect to a gateway or network via a low-rate wireless personal area network (e.g., 802.15.4) or power over Ethernet (PoE). One building at a time, Intel is retrofitting lighting fixtures to sense ambient light and room occupancy and ultimately conserve more energy.


2. OT/IT convergence reduces operations costs

Many smart building solutions are looking more like IT systems, incorporating information technology (IT), like wireless networks and standard communications protocols. This transition is driving convergence of IT and operational technology (OT). Convergence enables these groups to lower operations costs by eliminating redundancy through collaboration on security, networking, and storage infrastructure; customer support; data analysis and reporting; etc.


3. Improved asset management increases ROI

Cameras that count people in buildings can also be used to help maximize the utilization of assets, like work cubicles. This is done at Intel, where camera data is sent to a conference scheduling application that can tell employees which cubicles are unassigned and available for use. Smart building technology is also being used to reduce operations costs and increase building performance through predictive maintenance. Sensor data is analyzed in the cloud by machine learning algorithms that determine the health of a piece of equipment, like a pump, compressor, or HVAC. The algorithms can differentiate normal wear from problematic behavior for individual pieces of equipment. Predictive maintenance solutions empower companies to make quicker, more informed decisions with help from big data analytics and alerts.


4. Cost-effective BMS solutions for small to medium-sized buildings

Technology advancement, like the Internet of Things (IoT) and low-cost sensors, is bending down the cost curve for building management systems (BMS). We are at the point where smart building technology can be affordably installed and managed in small to medium-sized buildings. Prescriptive Data offers such a solution, called NANTUM, a cloud-based, secure building operating system that integrates into any built space, including BMS and non-BMS facilities. The solution helps optimize energy consumption and increase tenant comfort, while providing cost savings. NANTUM learns the rhythm of existing building systems, memorizing today’s operations so that it can positively influence, predict, and prescribe tomorrow’s performance.


5. Occupants get more control over their environment

Temperature variation throughout the day is a common complaint of building occupants and, most likely, impacts their productivity. A study shows a socially-driven HVAC at the Federal Building and U.S. Courthouse in Phoenix increased worker satisfaction with workplace thermal comfort by 83 percent, which should translate into higher productivity and fewer tickets the facilities team needs to address related to occupants being too hot or too cold.

To maintain a constant temperature across various building zones, Intel implemented a machine learning algorithm that predicts appropriate set points for the HVAC in the building. The algorithm not only factors in typical parameters (e.g., return air temperature), it also takes into account many others, including occupancy and ambient temperature. This algorithm runs every two minutes to keep set point predictions current.


6. Buildings become energy assets in their community

Cities and grids are starting to view connected buildings with energy-generation capabilities (i.e., rooftop solar panels) as energy assets. These highly energy-efficient, net zero energy buildings are seen as contributing to society by producing as much energy as they consume.

In my next blog, I will discuss how new technologies, such as IoT and deep learning, can be designed and deployed to better address these building trends.



Source: Network News

Intel CEO: New Products that Tackle Meltdown, Spectre Threats Coming this Year

In an earnings call yesterday, Intel CEO Brian Krzanich says security remains a ‘priority’ for the microprocessor company.
Source: Vulnerabilities & Threats

Hardware Security: Why Fixing Meltdown & Spectre Is So Tough

Hardware-based security is very difficult to break but, once broken, catastrophically difficult to fix. Software-based security is easier to break but also much easier to fix. Now what?
Source: Vulnerabilities & Threats

TekThing 161 – Bitcoin Sucks For Gaming PCs!!! Our Video Gear, Fingbox Home Network Security





Source: Security news

Source: Zologic

Meltdown & Spectre: Computing's 'Unsafe at Any Speed' Problem

Ralph Nader’s book shook up the automotive world over 50 years ago. It’s time to take a similar look at computer security.
Source: Vulnerabilities & Threats

Welcoming Draft 2, version 1.1 of the NIST Cybersecurity Framework

The NIST Cybersecurity Framework (CSF) is a set of standards, best practices, and recommendations for improving cybersecurity and managing cybersecurity risk at the organizational level. Since its original publication in 2014, the Framework, although voluntary for the private sector and enterprise, has been widely adopted across the globe. Research by NIST and Gartner suggests that 50% of US organizations will be using the Cybersecurity Framework by 2020.

The Framework is divided into three components:

  • Framework Core; “a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors.” It is further divided into four elements: functions, categories, subcategories, and informative references.
  • Framework Implementation Tiers (“Tiers”); of which there are four (Partial, Risk Informed, Repeatable, Adaptive). The Framework does not consider these as maturity levels; however, progression from Partial (Tier 1) to Adaptive (Tier 4) would demonstrate a more complete implementation of the Framework.
  • Framework Profile (“Profile”); the understanding of the current organizational posture (“as is”) and the roadmap towards the target state (“to be”).

On December 5th 2017, Draft 2 of Framework Version 1.1 was published for review and comment. The accompanying Roadmap document is also being reviewed for comment. The final versions are expected to be released in early 2018.

Anomali welcomes the call for public review and comment of the Framework and Roadmap. The updates made thus far recognise the shifting nature of the landscape. Cyber threats continue to evolve and impact all organizations. A fundamental part of better attack detection and breach mitigation is to collect, productionise and share cyber threat intelligence. This has been recognised within the updated Identify – Risk Assessment (ID.RA-2) function of the Framework:

“Cyber threat intelligence is received from information sharing forums and sources.”

There is further encouragement with the inclusion of the Cyber-Attack Lifecycle item in the draft Roadmap (1.1) publication for development.

“Cybersecurity is closely linked to the threats an organization faces from those that would seek to exploit a vulnerability or weakness. Therefore, it is important to approach cybersecurity from the perspective of the cyber-attack lifecycle by identifying threat sources, threat events, and vulnerabilities that predispose an environment to attack. To improve risk management capabilities, it is important that cyber threat information be readily available to support decision-making. Timely communication and actionable information are critical to counter threat and address vulnerability. This includes a near-real time exchange of automated threat and vulnerability indicators between organizations and information sharing communities such as Information Sharing and Analysis Centers (ISACs), Information Sharing and Analysis Organizations (ISAOs), industry peers, and supply chain partners and exchanges with security service providers. Sharing indicators based on information that is discovered prior to and during incident response activities enables other organizations to deploy measures to detect, mitigate, and possibly prevent attacks as they occur.”

Ultimately, the latest Framework draft aligns more to today’s challenges. The inherent two-way collaboration in updating the Framework ensures relevance for all. Although the CSF was originally produced to improve cybersecurity risk management in critical infrastructure, there is now greater emphasis for broad adoption across all industry sectors and enterprise. We look forward to the release of the final version in 2018.

Source: Honeypot Tech