Latest Posts

Featured Posts

Filter By Categories:

Utility Hacking: Turn a Vulnerable Smart Grid Into a Powerful Defender

By Åsberg, Erik 25. January 2018

 Utility Hacking Turn a Vulnerable Smart Grid into a Powerful Defender-796136-edited.jpg

Digitally empowered power grids are paving the way for new and exciting opportunities for utilities and consumers alike. But a more connected grid means more attack surface for less desirable players. With today’s digital infrastructure transformation, utility hacking is on the rise.

Download for free: Next Gen Utility Infrastructure Operation 

A Growing Threat

Apart of every nation’s critical infrastructure, the energy sector is of increasing interest to cyber attackers. Utilities are one of the most targeted and most publicly breached sectors in any western country

In December 2015, near a quarter of a million inhabitants in Western Ukraine fell victim to the world’s first confirmed cyber-attack caused electricity blackout.  After several months of preparing, exploring, mapping, and accessing critical worker credentials, hackers attacked the Ukrainian utility’s SCADA network. With hijacked grid operator VPNs, the hackers seized control of the network and began remotely switching off substations, disabling critical IT components, and flooding the call-center with bogus calls to disrupt consumers’ ability to gather up-to-date information. 

In 2016, Ukraine suffered its second hacker-caused blackout, Bowman Avenue dam in the US was breached by Iranian hackers, numerous nuclear installations were targeted according to the FBI and, in 2017, EirGrid was breached for at least two months before being discovered. In October of last year, IT security firm Symantec issued a warning of a renewed threat from the sophisticated attack group Dragonfly, targeting the western energy sector. 

These and other incidents have put cybersecurity at the top of utilities’ radar. Ranking sixth among utility concerns in 2016, physical and cyber security soared to the top of sector concerns in 2017, according to a Utility Dive-survey. Today, 72 percent of utility professionals rank cyber security as “important” or “very important.” 

Read also our guide to efficient power grid operations for the digital age. 

The Vulnerabilities of a Digitally Driven Grid

The risks of digitally driven power grids follow from four factors 

  • The convergence of IT and OT as a result of automation
  • Third-party vendor access to utility infrastructure to support devices
  • Consumer demands for real-time data on everything from consumption patterns to outage recovery times
  • A generational workforce shift to millennials, who expect everything to be connected

Smart meter data, for instance, may provide both utilities and customers with a wealth of new opportunities and benefits but, at the same time, it may also be a goldmine for cyber-attackers looking to utilize customer-related information for more malevolent purposes – as discussed in a previous article.

Using Smart Grids to Deliver Smart Defense

Although technology is largely to blame for increased utility cyber-attacks, technology also offers the solution. Greentech Media advise utilities to enhance their system-wide monitoring capabilities to learn what normal operation and interaction look like. This allows utilities to recognize indications of attacks or other security risks. To do this, utilities need to deploy unique system intelligence that allows them to use their network and devices as sensors.

Microsoft’s cloud services, for instance, are ideally suited for smart grid development. Utilizing the Microsoft Azure cloud platform and Azure Machine Learning as the smart grid brains, many utilities are already leveraging the technology’s ability to connect sensors, smart meters, and software to forecast consumption, reduce outages, and monitor assets to improve their infrastructure operations.

Furthermore, several software providers are fortunately well aware of the threats directed at the energy sector and have developed state-of-the-art solutions with defense. As an example, Microsoft delivers cloud services that enable utilities to track threat actors in their network, identify malicious software dialing outbound from their servers, and establish an alerting system to enable active network cyber defense.

Read also: Making Utility Infrastructure Operations More Efficient 

Our electrical grid was never designed to withstand a cyber-attack. Still, the need to invest time and resources into cyber-security is pressing. The most prepared utilities are the ones who will be the quickest to recover.

Download for free: Next Gen Utility Infrastructure Operation 

Åsberg, Erik's photo

By: Åsberg, Erik

Erik is CTO at eSmart Systems and has 20 years of experience in software development within the energy space, mainly using Microsoft and Oracle technologies. The last four years he has been focusing on architecture and design of Big Data technologies, all on the Microsoft Azure platform. He was appointed Microsoft Regional Director-Norway in 2019, for a second consecutive two-year period. This is a program that consists of 150 of the world's top technology visionaries chosen specifically for their proven cross-platform expertise, community leadership, and commitment to business results, and therefore nominated as trusted advisor to the developer and IT professional audiences and Microsoft.

  • Write a comment

A blog from eSmart Systems

 

eSmart Systems provides AI driven software solutions to the energy industry and service providers. Their cloud born platform is designed to handle and exploit IoT, Big Data and Analytics in real time. The company is based on more than 20 years of international experience in establishing and operating knowledge based, leading IT and energy related companies targeting global markets.

 

If you want to stay updated on artificial intellgence, the rapid development of the energy supply, the power grid and the energy consumption trends, Intelligence First is your water hole.

 

Visit esmartsystems.com