Digitally empowered power grids are paving the way for new and exciting opportunities for utilities and consumers alike. But a more connected grid means more attack surface for less desirable players. With today’s digital infrastructure transformation, utility hacking is on the rise.
Apart of every nation’s critical infrastructure, the energy sector is of increasing interest to cyber attackers. Utilities are one of the most targeted and most publicly breached sectors in any western country.
In December 2015, near a quarter of a million inhabitants in Western Ukraine fell victim to the world’s first confirmed cyber-attack caused electricity blackout. After several months of preparing, exploring, mapping, and accessing critical worker credentials, hackers attacked the Ukrainian utility’s SCADA network. With hijacked grid operator VPNs, the hackers seized control of the network and began remotely switching off substations, disabling critical IT components, and flooding the call-center with bogus calls to disrupt consumers’ ability to gather up-to-date information.
In 2016, Ukraine suffered its second hacker-caused blackout, Bowman Avenue dam in the US was breached by Iranian hackers, numerous nuclear installations were targeted according to the FBI and, in 2017, EirGrid was breached for at least two months before being discovered. In October of last year, IT security firm Symantec issued a warning of a renewed threat from the sophisticated attack group Dragonfly, targeting the western energy sector.
These and other incidents have put cybersecurity at the top of utilities’ radar. Ranking sixth among utility concerns in 2016, physical and cyber security soared to the top of sector concerns in 2017, according to a Utility Dive-survey. Today, 72 percent of utility professionals rank cyber security as “important” or “very important.”
Read also our guide to efficient power grid operations for the digital age.
The risks of digitally driven power grids follow from four factors:
Smart meter data, for instance, may provide both utilities and customers with a wealth of new opportunities and benefits but, at the same time, it may also be a goldmine for cyber-attackers looking to utilize customer-related information for more malevolent purposes – as discussed in a previous article.
Although technology is largely to blame for increased utility cyber-attacks, technology also offers the solution. Greentech Media advise utilities to enhance their system-wide monitoring capabilities to learn what normal operation and interaction look like. This allows utilities to recognize indications of attacks or other security risks. To do this, utilities need to deploy unique system intelligence that allows them to use their network and devices as sensors.
Microsoft’s cloud services, for instance, are ideally suited for smart grid development. Utilizing the Microsoft Azure cloud platform and Azure Machine Learning as the smart grid brains, many utilities are already leveraging the technology’s ability to connect sensors, smart meters, and software to forecast consumption, reduce outages, and monitor assets to improve their infrastructure operations.
Furthermore, several software providers are fortunately well aware of the threats directed at the energy sector and have developed state-of-the-art solutions with defense. As an example, Microsoft delivers cloud services that enable utilities to track threat actors in their network, identify malicious software dialing outbound from their servers, and establish an alerting system to enable active network cyber defense.
Read also: Making Utility Infrastructure Operations More Efficient
Our electrical grid was never designed to withstand a cyber-attack. Still, the need to invest time and resources into cyber-security is pressing. The most prepared utilities are the ones who will be the quickest to recover.