Judging from recent media reports, it would appear that power grids are vulnerable to cyberattacks. This has raised concerns that hackers are a mere switch away from plunging the world into darkness.
Over a month ago, a report revealed that hackers compromised an Irish power grid company by installing eavesdropping software on its routers. In early July, a report revealed that hackers have been trying to penetrate the computer networks of operators of nuclear power stations and other energy facilities. Late last year, code used by a Russian hacking operation was discovered within the system of a Vermont power grid.
These stories, however, do not mean that power grids are incapable of protecting themselves from cyberattacks.
Power Grids Are Safe, Says Expert
Lee says that electric grid infrastructure is usually quite reliable and safe. This is due to the strong safety culture of industrial engineering. Lee cites the example of recovering from a portion of the U.S. power grid going down: operators can move away from computers and perform manual operations to get the infrastructure back up within a matter of hours, or days at most.
Protecting Power Grids Against Hackers
Lee admits that hackers are becoming more aggressive as they learn more about infrastructure from both computer technology and industrial engineering standpoints. In addition, increasing automation has resulted in the use of more computer-based platforms instead of manual operations. This gives attackers an increased opportunity to launch cyberattacks on these standardized computer-based platforms.
Cyberattacks usually fall into two broad categories: in the first, the primary motive is to gain, steal, or delete information; the second involves causing physical damage to equipment and causing power outages.
Lee, however, does not see any legitimate reason for adversaries to target industrial infrastructure outside of conflict scenarios. Traditionally, hackers have not focused on compromising power grids, and not because they don’t want to. Rather, it is because of the minimal return on investment of carrying out such an operation. However, that does not rule out the possibility of such an attack.
Protecting power grids against cyberattacks requires the appropriate architecture to build a robust infrastructure, which applies a layer of security right from the beginning. Operators will then need passive defense in the form of vendor tools and security tools, followed by active defense in the form of experts hunting for attackers from within the environment. There is also a need for intelligence, which possibly entails infiltrating adversary networks, and even offense, which targets malicious infrastructure.
Lee believes that active defense requires the most attention, as there are fewer than 1,000 Industrial Control Systems (ICS) cybersecurity professionals worldwide. There needs to be a focus on training humans to counter adversaries, and with them, power grid cybersecurity defense has a strong upper hand against attackers.