Utility Professionals Network Community

Welcome! This community is the default community for every Energy Central registered member. We discuss and share a variety of topics related to the global power industry. We welcome intelligent, insightful contributions and conversations.

199,882 Subscribers

Article Post

Cyber Attacks Zapping Power from the Utility Industry

It's no secret that electric power systems are undergoing a major transformation. 

In an effort to expand and decentralize, utility companies are making major steps to expand their communications network. The result? An uptick in sensors, switches, and ground fault devices designed to turn traditional power supplies into smart systems that can provide real-time diagnostics with ease. While such innovations are undoubtedly propelling the industry ahead and helping it compete in the 21st century, they also leave organizations more vulnerable to a new risk: cyber attacks.

As operations move further toward the edge of the grid, professionals are beginning to come to terms with the idea that a cyber threat or attack is likely imminent. Case in point? Cybersecurity company Symantec recently revealed that for most of 2017, dozens of power companies across the country were compromised due to the efforts of an organized hacking group.

If you're picturing techies in hoodies pounding away at their keyboards in the basement, but not really making any kind of major disruption, think again. These attackers are massive in scale and devastating in scope, so much so that Symantec noted their efforts could have halted power production at many of the plants.

So how do plants prepare and respond? It's a little trickier than you might think. Readying operations for a weather event is one thing. You have a general idea of what to expect, and you've seen similar conditions in the past. Yet, cyber attacks are different because they're almost never the same and are incredibly difficult to trace. Another issue? Hackers are becoming increasingly sophisticated in their maneuvers.

Consider the 2015 hacking of the Ukranian power grid. Two years ago, hackers found a way to gain access to the country's utility networks, then set up shop. They manually flipped switches at substations and while the attack was detrimental, it was limited in scope. In all, 27 substations were affected and 225,000 customers went temporarily black, but the attack only happened at three regional companies.

Fast forward to last December, and they launched a new attack against the country -- this time one that was fully automated. How did they do it? Malware that infected the grid's communication system, "speaking" to the equipment and telling it to shut down. Experts reveal the attack could have easily spread to 10 or 15 sites, with the work of far fewer people than the first. 

Unfortunately, there are myriad spots within the grid that allow for such seamless and sneaky entrance. Couple that with an increased communications footprint and the potential for disaster is ripe. While the North American Electric Reliability Corporation (NERC) has released reliability standards that center on protecting and monitoring the U.S. electric system, it fails to cover other aspects such as distribution grids.

As your utility company moves forward, it's important to keep up with regulatory compliance measures and develop best practices for cybersecurity. Customers have come to expect rigid security protocols and demand the same from their energy provider. At the same time, it's not only your reputation you're protecting. An attack on your operations affects more than just your brand name and the households who turn to you for power. It opens the door a little wider for attackers to manipulate grids across the country. Make sure your technicians are skilled in all aspects of security control and that all files are kept as locktight as possible.

Here are some other ways to get started:

  • Upgrade all legacy systems and migrate old data 
  • Invest in top-rate security monitoring systems that can detect an issue immediately and notify you in real time
  • Implement a multi-layer strategy covering all aspects of cybersecurity
  • Create an incident response plan and make sure all employees are aware of it, keeping a copy in an accessible, public location

In addition, be sure to hold routine training refreshers to make sure all employees know how to respond in the event that a threat does present itself. Preparedness is the key to prevention in this case, so don't delay in getting started. 








No discussions yet. Start a discussion below.