In December 2015, more than 225,000 people in the Ivano-Frankivsk region of Western Ukraine were impacted by the world’s first confirmed electricity blackout caused by a cyber attack. The incident demonstrated that the danger of cyber attacks on power networks is no longer theoretical—and that threat actors across the world are focused on turning the risks into reality.
But today’s digitally enabled grid is more connected, open and flexible. The evolution to smart grid technology that connects IT and operational technology (OT), energy management systems and consumers is blurring traditional boundaries and opening up new vulnerabilities. The rise of distributed energy resources and decentralized generation across the network further heightens the risk.
Breaches by a wide range of potential attackers could have potentially devastating impacts along the entire electricity value chain, from generation through to consumers. Effective responses to secure smart grids against potential cyber breaches are both imperative and urgent. Yet as cyber threats escalate and proliferate, utilities, regulators and governments are constrained in terms of their remit and capacity to respond.
So, what steps do utilities need to take as they look to protect themselves from cyber attacks and secure the smart grid? First, they need to get the overall basics of security right by implementing a robust underpinning of processes and technologies. Then they should secure their smart grid environments by taking six key steps:
Create a program of overall education and awareness, so key business stakeholders are more fully aware of the nature and scale of the cyber threats facing smart grids.
Implement radical changes in the OT organization, through the integration of IT, OT and even physical security skills into a hybrid skillset, and enable root cause analysis of any OT disruptions.
Integrate monitoring technologies into the OT platforms/grid operations, to provide ongoing situational awareness in real time, as already happens on the IT side.
Increase collaboration and sharing of (ideally real-time) threat information between utilities and, to the extent possible, with regulators, government and security services.
Embed a workforce-wide mindset that treats cyber security as another element of safety, including integrating cyber security understanding and vigilance into all employees’ asset integrity and process safety training.
Ultimately, move to “active defense” using automation and integration to enable the grid itself to detect suspicious or anomalous activity and respond in real time.
Digitally enabled smart grids open up exciting new opportunities for electricity utilities, their consumers and the societies they serve. But these connected networks are also creating new opportunities for cyber attacks, whether they be at home or from abroad. Security will be vital if smart grids are to be defended effectively. Making it a top priority will enable utility businesses to deliver the potential benefits for all.