​​The CyberStrike Workshop was developed by the U.S. Department of Energy Office of Electricity (DOE-OE) in collaboration with the Electricity Information Sharing and Analysis Center (E-ISAC) and the Idaho National Laboratory (INL) to provide critical knowledge transfer to utility operators related to power grid cybersecurity.


The Workshop offers attendees a hands-on, simulated demonstration of a cyberattack, drawing from elements of the 2015 and 2016 cyber incidents in Ukraine. Workshop attendees are guided through a series of training labs/modules in groups of five or six operators.

The goal is to challenge course participants to defend against cyberattack on the equipment they routinely encounter within their power generation systems and power distribution substations, and includes the following training labs/modules:

  • Open Source Intelligence
  • Denial of Service
  • Controlling the Human Machine Interface
  • Bypassing the Human Machine Interface
  • Firmware Analysis
  • Passive Man in the Middle Attack
  • Active Man in the Middle Attack
  • Defender Mitigations

On January 30th, 2019, NRECA and INL hosted a CyberStrike Workshop for members as part of NRECA's Cybersecurity program offerings. While the content of the Workshop contains sensitive information and resources used in the Workshop are not released to the public, below is a collection of publicly available resources that cover some of the material and information presented in the Workshop. We would like to thank Tim Conway, Technical Director of ICS and SCADA programs at SANS, for his assistance in helping the RC3 Team pull together these resources.

Return to this site often for updates and additional resources, including announcements about future CyberStrike Workshops for NRECA members.​