NREL Smart Grid Educational Series: The Utility Smart Grid is in Danger of Prolific Cybercrime and Network DDOS Caused by the Explosion of Unprotected IoT Devices in Our Homes

The proliferation of IoT and connected devices in the home, offices and major industrial centers is exposing every utility and Smart Grid to unwanted intrusions and cyber-hacking. To make IoT devices smarter, they need to communicate over short-range low-rate wireless networks like ZigBee and BLE, but also across the Internet to cloud systems, creating an almost endless opportunity for cybercrime with entry points from less secure devices and rogue applications that control the latest IoT solutions. While artificial intelligence, automation, and Smart Homes provide tremendous life-style benefits such as energy savings, security, home care, or entertainment, the utility industry and InfoSec must lead the way in ensuring that our critical electric grids are not undermined when we need those most. Gartner believes that by 2025, the average home will have over 500 connected devices, controlling both mundane and mission critical functions in our lives.

Scott Wu and Richard Yim discussed the emerging threat landscape of the exploding IoT space and the reasons why attackers are surfacing everywhere, anywhere and anytime at a webinar held at SyracuseCoE on May 19. By showcasing several threat events, the webinar articulated why traditional technologies such as antimalware and firewalls are not the solution for IoT infrastructure, and why consumers and their utility providers should seek next generation IoT solutions for their homes now.

The presentation was a segment of the National Renewable Energy Laboratory’s (NREL) Smart Grid Educational Series, a series of educational webinars on smart grid-related topics, featuring speakers from the lab and the energy industry. The webinar was hosted by Erfan Ibrahim, Ph.D., Director of Cyber-Physical Systems Security & Resilience at the NREL, and introduced by Chetna Chianese, Associate Director of Research at SyracuseCoE.


Scott Wu is CEO of NewSky Security and has led many behavioral detection initiatives in security since 2003. He held engineering/research and management roles for Symantec, Microsoft and McAfee, shipped flagship products of Norton, Windows Defender and McAfee Total Protection, each with over 500 million users. His research team in McAfee spearheaded predictive threat intelligence system, enabling Intel Security’s foothold in APT hunting space. Scott owns multiple patents of behavioral and predictive intrusion detection technology.  Scott is a marathon runner and Cascade cyclist.

Richard Yim is VP Product Management for People Power Company. Early in his career, he helped design the first versions of Symantec’s antivirus and security solutions, going on to lead the development of Oracle’s database for Linux. Recently, he was VP and GM of IGT’s Systems Division, the leading provider of highly regulated and secure gaming platforms, for the world’s largest casinos. Previously, he was Vice President Marketing, Platforms and Ecosystems at SAP. Protecting what’s most valuable to all of us, our homes and families is a passion he shares with his teams at People Power today. In his spare time, Richard enjoys networking with the AI and IoT communities in the Bay Area, and building tree houses.