A rocket launcher is no longer the weapon of choice. If a terrorist wants to completely debilitate a major city or even an entire country, an attack on its power grid will result in immediate and widespread mayhem. Malicious software codes are skillfully designed to destroy, disrupt, or take control of the complex systems on which the grid runs. The attackers’ goals range from financial gain to data theft and shutting down of facilities. Suspects include organized criminal enterprises, commercial competitors and even governments.
Power grid - the prime target
With the introduction of smart grid technology, the power grid faces major cyber threats. Today’s power grid is a “prime target” for cyber-attacks as it is dependent on a myriad of embedded systems, all communicating with each other via a myriad of wired, wireless, cellular and dial-up modems, that use a combination of TCP/IP and proprietary protocols. This expands the attack surface, opening it up to cyber threats. The more automated the grid, the higher the risk.
For the first time ever, the electric utility has access to highly sensitive information which must be safeguarded at all costs. The utility understands that if this data falls in to the wrong hands, it could spell disaster for both the utility and its customers. It is for this reason that utilities are prioritizing cyber security, ensuring that all data exchanged via the smart grid is secure. Utilities have never had to concern themselves with this issue in the past but as the wireless transmission of data increases, cyber threats become even more prevalent. Electric utilities must act quickly to avoid cyber attacks which could cripple a nation’s grid. In addition to this, utilities have the responsibility of safeguarding their customers’ private data.
Utilities are finding it difficult to protect a system that combines ageing electromechanical equipment with the latest in sensor, communications and control technologies which are being accessed via the internet by utility workers, multiple third-party vendors and customers. Utilities also need to justify the cost of security against the unknown risks which range from minor day-to-day occurrences to catastrophic.
To avoid cyber attacks, utility companies are implementing comprehensive cyber security plans across their business networks and their generation, transmission and distribution systems. Security teams are being appointed in order to help predict and plan responses to future attacks or intrusion attempts. As cybersecurity is a complicated field, with many different tasks to manage, critical infrastructure protection (CIP)-focused companies are working together and with IT companies in the smart grid field to ensure a holistic approach to cybersecurity. These teams focus on capturing, containing, eliminating and then learning from all the attacks that keep coming in on a daily basis. This information sharing will ensure the best and most up-to-date security measures. There are, however, experts who believe that a single agency would be better able to address the problem than local entities that are responsible for various aspects of protecting the grid.
Spending on cybersecurity for smart grid industrial control systems is expected to climb nearly 70% between 2012 and 2020 to US$608m, according to Pike Research. This figure places cybersecurity spending behind only funding for distribution automation in terms of IT investment by utilities.
Governments worldwide are all too aware of the crippling effects of a terrorist cyber attack. The US president, for instance, has requested US$769m to support the operations of the National Cyber Security Division, which protects Federal computer systems and sustains efforts under the Comprehensive National Cybersecurity Initiative to protect U.S. information networks from the threat of cyber attacks or disruptions. The Obama administration has also issued an executive order calling for an increase in information sharing among industry partners on cybersecurity, as well as a jointly developed strategy and framework to guide utilities, power plant operators, chemical and oil and gas plants, and other critical infrastructure managers in securing their assets.
Many companies have adopted the Cyber Kill Chain approach which enables information security professionals to predict and prevent advanced cyber threats. The benefits of the approach include:
- Advancing risk-management strategies to improve decision making
- Assessing risk, in business context, to allow utility executives and boards to make decisions for mitigations and investments based on their specific risks
- Implementing security intelligence management to enable a proactive, intelligence-driven defense approach to cybersecurity
- Bolstering the training of the cybersecurity workforce
- Sharing actionable and relevant threat information more efficiently
- Establishing public-private partnerships to accelerate cybersecurity efforts for the grid
The power grid will continue to face new and sophisticated threats as technology continues to develop. To meet this challenge, a comprehensive program and partnership is needed. The cooperation of utility personnel, the vendor community, security partners and educational institutions is essential to the continued secure, reliable operations of the grid which we are reliant on.
Smart grid technology provides many benefits such as energy efficiency, improved reliability, cost-effectiveness of electricity and better customer service. However, with all new technology comes risk. Utilities will need to adopt tough security measures if all these benefits are to be enjoyed.