ERCOT Warns MPs Of Cybersecurity Incident At Market Participant

October 17, 2022

Email This Story
Copyright 2010-21 EnergyChoiceMatters.com
Reporting by Paul Ring • ring@energychoicematters.com

The following story is brought free of charge to readers by EC Infosystems, the exclusive EDI provider of EnergyChoiceMatters.com

ERCOT issued a market notice stating that, on October 14, 2022, at approximately 4:30 p.m., ERCOT was informed by a Market Participant (disclosing MP) that the MP’s Internet-facing firewalls had been compromised.

"This did not affect the disclosing MP's operations nor was there any indication the attacker pivoted to any other systems," ERCOT's notice stated

"ERCOT's computer network and systems were not affected by this event and the Texas power grid was not impacted," ERCOT's notice stated

"The disclosing MP indicated that their firewalls had been compromised by an attacker that exploited a newly disclosed vulnerability, CVE-2022-40684. The incident was confined to two sites owned by the disclosing MP and the disclosing MP was able to identify and contain the compromise. The disclosing MP is in the process of restoring the affected firewalls to a known-good configuration," ERCOT's notice stated

ERCOT's notice stated that, "The firewall vendor, Fortinet, released an updated advisory on 10/10/22 indicating that an authentication bypass vulnerability in FortiOS, FortiProxy and FortiSwitchManager was actively being exploited and urged customers to apply the recommended update or workaround."

"ERCOT urges MPs that use Fortinet products to immediately review the advisory and apply the recommended fixes as soon as practicable. If there is indication of compromise, the vendor should be contacted for assistance," ERCOT said in the notice

ADVERTISEMENT

ADVERTISEMENT
NEW Jobs on RetailEnergyJobs.com:
• NEW! -- Sales Development Representative
• NEW! -- Operations Analyst/Manager - Retail Supplier
• NEW! -- Customer Success
• NEW! -- Market Operations Analyst
• NEW! -- Operations Manager - Retail Supplier
• NEW! -- Marketing Associate - Retail Supplier
• NEW! -- Supervisor-Commercial Operations
• NEW! -- Customer Data Specialist
• NEW! -- Director, Regulatory Affairs, Retail Supplier
• NEW! -- Account Manager Project Manager
• NEW! -- Retail Energy Policy Analyst
• NEW! -- Incentive Specialists
• NEW! -- Utility Rates Specialist
• NEW! -- Customer Onboarding Specialist
• NEW! -- Energy Performance Engineer

HOME

Copyright 2010-22 Energy Choice Matters.  If you wish to share this story, please email or post the website link; unauthorized copying, retransmission, or republication prohibited.