Digitally empowered power grids are paving the way for new and exciting opportunities for utilities and consumers alike. But a more connected grid means more attack surface for less desirable players. With today’s digital infrastructure transformation, utility hacking is on the rise.
A Growing Threat
Apart of every nation’s critical infrastructure, the energy sector is of increasing interest to cyber attackers. Utilities are one of the most targeted and most publicly breached sectors in any western country.
In December 2015, near a quarter of a million inhabitants in Western Ukraine fell victim to the world’s first confirmed cyber-attack caused electricity blackout. After several months of preparing, exploring, mapping, and accessing critical worker credentials, hackers attacked the Ukrainian utility’s SCADA network. With hijacked grid operator VPNs, the hackers seized control of the network and began remotely switching off substations, disabling critical IT components, and flooding the call-center with bogus calls to disrupt consumers’ ability to gather up-to-date information.
In 2016, Ukraine suffered its second hacker-caused blackout, Bowman Avenue dam in the US was breached by Iranian hackers, numerous nuclear installations were targeted according to the FBI and, in 2017, EirGrid was breached for at least two months before being discovered. In October of last year, IT security firm Symantec issued a warning of a renewed threat from the sophisticated attack group Dragonfly, targeting the western energy sector.
These and other incidents have put cybersecurity at the top of utilities’ radar. Ranking sixth among utility concerns in 2016, physical and cyber security soared to the top of sector concerns in 2017, according to a Utility Dive-survey. Today, 72 percent of utility professionals rank cyber security as “important” or “very important.”
The Vulnerabilities of a Digitally Driven Grid
The risks of digitally driven power grids follow from four factors:
- The convergence of IT and OT as a result of automation
- Third-party vendor access to utility infrastructure to support devices
- Consumer demands for real-time data on everything from consumption patterns to outage recovery times
- A generational workforce shift to millennials, who expect everything to be connected
Smart meter data, for instance, may provide both utilities and customers with a wealth of new opportunities and benefits but, at the same time, it may also be a goldmine for cyber-attackers looking to utilize customer-related information for more malevolent purposes – as discussed in a previous article.
Using Smart Grids to Deliver Smart Defense
Although technology is largely to blame for increased utility cyber-attacks, technology also offers the solution. Greentech Media advise utilities to enhance their system-wide monitoring capabilities to learn what normal operation and interaction look like. This allows utilities to recognize indications of attacks or other security risks. To do this, utilities need to deploy unique system intelligence that allows them to use their network and devices as sensors.
Microsoft’s cloud services, for instance, are ideally suited for smart grid development. Utilizing the Microsoft Azure cloud platform and Azure Machine Learning as the smart grid brains, many utilities are already leveraging the technology’s ability to connect sensors, smart meters, and software to forecast consumption, reduce outages, and monitor assets to improve their infrastructure operations.
Furthermore, several software providers are fortunately well aware of the threats directed at the energy sector and have developed state-of-the-art solutions with defense. As an example, Microsoft delivers cloud services that enable utilities to track threat actors in their network, identify malicious software dialing outbound from their servers, and establish an alerting system to enable active network cyber defense.
Our electrical grid was never designed to withstand a cyber-attack. Still, the need to invest time and resources into cyber-security is pressing. The most prepared utilities are the ones who will be the quickest to recover.