Hunton partners Paul Tiao and Fred Eames discuss the challenges to businesses operating in a constantly evolving cyber threat landscape and steps some companies have taken to protect from attacks. It’s important for companies operating in this space to adjust to changes to international, federal and state regulations regarding critical infrastructure and information sharing, including seeking application for a US SAFETY Act certification.
Continue Reading

On October 18, 2018, the Federal Energy Regulatory Commission (Commission) held its October 2018 open meeting. Commissioner Chatterjee again assumed the gavel on behalf of Chairman McIntrye, who was absent for the second consecutive open meeting. McIntyre subsequently announced that he would step down from the chairmanship due to continuing health issues. Highlights of the meeting follow.
Continue Reading

Recent press reports indicate that a cyber-attack disabled the third-party platform used by oil and gas pipeline company Energy Transfer Partners to exchange documents with other customers. Effects from the attack were largely confined because no other systems were impacted, including, most notably, industrial controls for critical infrastructure. However, the attack comes on the heels of a Federal Bureau of Investigation and Department of Homeland Security (“DHS”) alert warning of Russian attempts to use tactics including spearphishing, watering hole attacks, and credential gathering to target industrial control systems throughout critical infrastructure, as well as an indictment against Iranian nationals who used similar tactics to attack private, education, and government intuitions, including the Federal Energy Regulatory Commission (“FERC”). These incidents are raising questions about cybersecurity across the US pipeline network.
Continue Reading