The energy sector is a top target for cyberattacks
Power grids around the world have become an attractive target for cyberattacks. In the UK, for example, 24% of all cyberattacks were directed at the energy industry. Research suggests more than half of UK’s utilities suffered a cyberattack in 2020. That’s why it’s no surprise that a recent survey found that 40% of energy and utilities executives rank cyberattacks as their biggest risk.
The grid is an enormous potential target both in terms of the severe damage an attack can cause and because of the myriad ways to attack it. Electrical distribution systems are considered critical infrastructure that is essential for society and the economy to function. As a World Economic Forum article notes, a cyberattack on the energy sector is a “concrete way to cripple an economy and destabilize national security.” For example, an attack could cause a blackout, paralyzing affected regions and beyond.
In addition, electrical distribution networks are more interconnected than ever thanks to the growth in connected devices. However, every system and device adds another potential attack surface. The grid has become more complex, dynamic, automated, and geographically dispersed, which has created more vulnerabilities for hackers to exploit. Cybersecurity threats also come from across the value chain, including third-parties like suppliers.
Previous attacks on utilities have shown that attackers are constantly seeking new ways to gain entry and the cyberattacks have been successful around the world. For example, there was a successful cyber intrusion on ENTSO’s office network, Australia’s CS Energy was the victim of a ransomware attack on its network, attacks in Mumbai affected regional dispatch centers and led to widespread power outages, and an outage at a small U.S. utility managed to take down 90 percent of the utility’s internal system and was responsible for the loss of 25 years of historical data.
But while digitalizing comes with cyber risks, it has also made power networks stronger, safer, and more sustainable
While it might be tempting to put digitization efforts on hold as a way to minimize cyber risks, that’s a bad idea because modernizing the grid has given electrical distribution networks huge opportunities. For example, digital transformation has increased grids’ resiliency, enabled remote monitoring, improved load balancing, increased the use of DER, supported prosumers, and prepared for more electrification, which is a substantial part of decarbonization efforts.
Power distribution networks can become more cybersecure with this five-step approach
To take advantage of smart grid opportunities while still protecting assets, electrical distribution networks must prioritize cybersecurity. This involves being proactive, rather than reactive, in their defenses.
For example, all technology products, equipment, and systems – from the sensor level to the application — need to be designed and produced with security in mind. Not all embedded devices and power systems applications were designed with security monitoring and other cybersecurity risks in mind. While it’s possible to shore up cybersecurity on existing equipment, networks are safer when they use products and equipment that is cybersecure by design under IEC 62443.
Any cyber risk mitigation approach must define and deploy a holistic, well-rounded cybersecurity strategy will support the business as a whole. That’s because cybersecurity involves more than just devices, but also the security culture and employees’ cyber skills.
Following this five-step approach can help electrical distribution networks create and maintain cybersecure systems:
- Assess: Perform a comprehensive risk analysis and gap analysis to identify vulnerabilities.
- Design: Design a secure architecture and cybersecurity policies that set out a formal set of rules for employees and other authorized users.
- Implement: Implement security control solutions (hardware and software) and select processes that adhere to security standards. For example, use solutions that are secure by design to reduce risks when securing system components.
- Monitor: Take a proactive approach to monitoring network and host security devices.
- Maintain: Maintain cybersecurity programs. Cybersecurity strategies aren’t over just by putting a system in place. Electrical distribution networks must also stay continuously updated and aware of known vulnerabilities and existing patches. They must also have a comprehensive understanding of technology and obsolescence schedules as well as mandate that certain events, such as detected threats, trigger security assessments.
In addition to these five steps, it bears repeating, that cybersecurity efforts should always keep people in mind. Effective training for key staff delivered by trusted cybersecurity experts is essential for minimizing cyber risk.
Read our use-case illustration to learn how cybersecurity solutions can be implemented
Download our use case to learn more about how you can improve your electrical distribution network’s cybersecurity.