Report: Power utilities increasingly at risk of devastating cyber-attacks
No industry is safe from the proliferation of cyber-attacks in 2020 - not least the power utility sector, according to a new report from GlobalData, which finds that the industry has suffered from the rush towards remote systems and increasingly understaffed facilities.
The report reveals that to maximise the return on investment in cybersecurity, utilities need to address challenges brought about by cyber-attacks head-on.
“Utilities’ existing systems are becoming increasingly connected through sensors and networks, and, due to their dispersed nature, are even more difficult to control,” says GlobalData senior power analyst Sneha Susan Elias.
“This potentially provides an opportunity for attackers to target the grid – similar to the attack in Ukraine in December 2015 where hackers attacked three power distribution companies in the country, temporarily disrupting the electricity supply.”
Elias says that a central system for anticipating and monitoring attacks is critical - but even that may not be enough to suppress a breach.
“As utility infrastructures become more interconnected, smart and decentralised, a centralised approach to secure them is difficult, and will become increasingly untenable,” says Elias.
“Central monitoring and oversight is essential but not sufficient, as a central system cannot react quickly enough to threats – especially as control becomes fragmented across numerous systems such as microgrids.
“As a result, there will be a rising burden on edge elements and local systems to be resilient to cyberattacks, while also having the flexibility to support the resilience of the wider energy system in the case of a cyberattack on the electricity grid.”
Power grids are the main target point for hackers and cyberattacks, the report says, because of the sheer damage that could be done should a catastrophic failure occur. A grid’s dependence on industrial control systems (ISC) exacerbates this problem - if this system is breached, the result could be disastrous.
The rapid proliferation of smart and connected grid components further necessitates an investment in cybersecurity. As a grid becomes smarter, it also becomes more vulnerable to attack, which can compromise critical infrastructure systems and disclose private user information.
“Utilities need to develop a unified method for security that incorporates both physical and digital security, as well as covers the complete organisation,” says Elias.
“Utilities should adopt cybersecurity measures that can correlate threats across transmission system operator (TSO) systems, industrial control systems (ICS) and operational technology (OT) systems.
“This is where the role of artificial intelligence (AI) and behavioral analytics, along with ubiquitous Internet of Things (IoT) data comes into play, providing support for the emergence of such solutions.”
AI analysis of behavioural biometric data will be a crucial area of development within the sector, the GlobalData report reveals.
Sophisticated machine learning algorithms can build up a profile of a user’s typical behaviour, identify unusual patterns of activity, and highlight potential threats in real-time before they have a chance to materialise.
By automatically detecting suspicious data, the whole security process becomes more efficient, preventing the need for a painstaking manual review of log data.
IoT, if it moves beyond point applications to encompass analytics and a holistic view of utilities’ infrastructure, could enhance aspects of security by helping manage infrastructure more effectively and monitor unusual patterns.
Elias concludes, “The integration of AI with IoT will aid power utilities and security personnel in decreasing false alerts obtained from these systems, and lead to enhanced efficiency of the security teams.”