Power grids have evolved from small, localized grids to massive, physically expansive grids that frequently cover numerous nations or even continents. Due to the demand for greater efficiency, digital technology is becoming increasingly prevalent, and new technologies in the energy grid heavily rely on high-frequency monitoring cycles and adaptability to system bottlenecks. The consequent increase in communication provides hostile actors with a greater attack surface.

Developments in the energy industry

This trend is exacerbated by the rise of renewable energy (ranging from large off-shore wind farms that match the power generation of conventional power plants to a single household feeding solar energy into the grid), which leads to power generation becoming more distributed and, therefore, less reliable, making transmission and distribution of energy challenging to organize.

While increasing power demands can be met with more conventional or renewable power plants, the system must be able to transfer the generated electricity. However, the cost of expanding the grid by adding new lines is prohibitive. Fortunately, digital technology can help improve the utilization of the existing grid, resulting in greater deployment of digital technology to control, monitor, and maintain power transmission and distribution.

This increasing use of digital technology requires more and more networking capabilities and connects previously isolated components with larger communication networks, resulting in a large variety of new dataflows. The resulting increasing interconnection of power grids, which constitute critical infrastructure, raises severe security concerns. The increasing use of digital and decentralized technology provides a larger attack surface. Different cyber-attacks have successfully targeted essential parts of the power grid, resulting in disruptions and wide-scale outages that have extensive social and economic consequences.

Cybersecurity challenges

The increasing digitalization of power grids, necessary to deal with changing power demands and generation, raises fundamental security challenges.

Availability is key
The triad of confidentiality, integrity, and availability (CIA) must be interpreted slightly differently in the energy sector. In conventional cybersecurity, it is often preferred to protect confidentiality and integrity at the expense of availability. However, in electricity grids, availability is by far the most critical aspect of the triad, given the catastrophic effects of outages. The longer a blackout lasts and the greater the proportion of the grid that is impacted, the greater the economic and social damage.

Balance generation with consumption
Electrical power grids rely on a stable grid frequency of either 50 Hz or 60 Hz due to the use of alternating current. The frequency is only stable if power generation and consumption are in equilibrium. If more power is generated than consumed, the frequency rises, and vice versa. This is evident, for example, during summer heatwaves, when the increased consumption due to the use of air conditioners results in entire cities being disconnected from the grid. The sensitive equilibrium between generation and consumption can be exploited by attackers, as they only need to control a comparatively small amount of consumption or generation to trigger cascading effects within the grid and create a system-wide blackout.

Decentralized power generation
The proliferation of renewable energy has enabled numerous individuals and businesses to enter the energy sector. Their security controls are not as stringent as those of conventional energy corporations. As a result, the hardware and software used by individuals are frequently not as secure as they should be or are misconfigured, which may have an effect on transmission and distribution within the grid.

Lack of built-in security
Most devices used in power grids, such as protection devices or PLCs, are designed for multiple-decade use. Often, they are neither patched nor replaced. The most widespread protocols, DNP3 (mostly used in North America and parts of Asia) and IEC 60870-5-104 (predominantly used by the rest of the world), were developed more than 20 years ago with no security concerns in mind, and they lack support for basic security mechanisms, such as authentication or integrity protection.

Field devices in power grids have planned lifetimes that are measured not in years but in decades. Many devices in use may not have the computational power to support additional security functionality. Even though some devices are eventually replaced or updated with new software, they are frequently required to support legacy protocols so they can connect with older equipment. As a result, distribution and transmission system operators have inherited vulnerabilities.

An attacker need not target the largest grid operator in order for their actions to have devastating effects. As long as the target of an attack has sufficient power to alter the grid’s frequency, the attacker can use cascading effects to influence the entire power system.

Protecting the grid

Providing security for electricity transmission and distribution inside the grid is of the utmost importance considering the immense dangers posed by a varied array of attack vectors and scenarios. Future improvements in power grid security will require a combination of technical approaches, awareness measures, and closer collaboration between the electrical engineering community and cybersecurity specialists.

Drawing from the principle of defense-in-depth, we can provide a comprehensive set of security measures at different layers. These measures encompass approaches for

  1. Device and application security
  2. Network security
  3. Physical security
  4. Policies, procedures, and awareness

Device and application security
As a foundation to provide defense-in-depth, all devices and applications deployed in power grids have to be secured, which is essential given the interconnected nature of power grids. There are several approaches to achieving this milestone – device and application diversity, static firmware analysis, and security assessments.

Network security
The increasing use of digital technology in power grids demands more and more networking capabilities, resulting in the connection of previously isolated components to larger communication networks. To address resulting security concerns, grid facilities need to proactively prevent security incidents, most prominently using network segmentation, as well as to detect security incidents that successfully bypassed preventive measures using intrusion detection systems.

Traditional network separation through demilitarized zones (DMZ) and virtual networks is a standard tool for securing networks. These techniques make it harder for attackers to get a comprehensive view of the network through simple reconnaissance methods and restrict lateral movement within the network.

Despite the availability concerns raised by some grid companies, intrusion detection systems (IDS) are well-suited to provide security in interconnected power grids because the traffic is well defined as only certain protocols are used and, in most cases, any piece of software or hardware communicating over the network is known in advance.
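The argument above, that grid traffic is enumerable, is what makes a strict allowlist IDS workable. The following added example (not from the original article) turns a constructed inventory of masters, outstations and protocols into detection logic; the hosts, inventory and observed sessions are assumptions, while the ports are the standard ones for DNP3 and IEC 60870-5-104.

```python
# Allowlist-based intrusion detection for a substation network (added example).
# The page's argument: grid traffic is enumerable, so every protocol, device and
# direction can be known in advance and anything outside that inventory alerts.
# Hosts, inventory and sample flows are constructed; the ports are the standard
# ones for DNP3 (20000/tcp) and IEC 60870-5-104 (2404/tcp).
from dataclasses import dataclass
from typing import List, Set, Tuple

PROTO_PORTS = {20000: "DNP3", 2404: "IEC 60870-5-104"}

# Constructed inventory of expected (initiator, outstation, port) sessions.
# Sessions are opened by a master toward an outstation, never the reverse.
ALLOWED: Set[Tuple[str, str, int]] = {
    ("10.0.1.10", "10.0.2.21", 20000),  # SCADA master -> RTU A over DNP3
    ("10.0.1.10", "10.0.2.22", 2404),   # SCADA master -> RTU B over IEC 104
    ("10.0.1.11", "10.0.2.21", 20000),  # historian -> RTU A, polling only
}
CONTROL_MASTERS = {"10.0.1.10"}  # only the SCADA master may issue commands


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int
    control: bool  # session carried a control (select/operate style) operation


def classify(f: Flow) -> str:
    """Return "ok" or an alert string; checks run from coarse to fine."""
    if f.dport not in PROTO_PORTS:
        return f"ALERT unexpected port {f.dport}: {f.src}->{f.dst}"
    if (f.src, f.dst, f.dport) not in ALLOWED:
        return f"ALERT unlisted {PROTO_PORTS[f.dport]} session: {f.src}->{f.dst}"
    if f.control and f.src not in CONTROL_MASTERS:
        return f"ALERT control command from non-master: {f.src}->{f.dst}"
    return "ok"


def scan(flows: List[Flow]) -> List[str]:
    return [v for v in map(classify, flows) if v != "ok"]


SAMPLE_FLOWS = [  # constructed observations
    Flow("10.0.1.10", "10.0.2.21", 20000, True),   # master operates a breaker: ok
    Flow("10.0.1.11", "10.0.2.21", 20000, False),  # historian polls: ok
    Flow("10.0.1.11", "10.0.2.21", 20000, True),   # historian issues a command
    Flow("10.0.2.21", "10.0.1.10", 20000, False),  # RTU opens session to master
    Flow("10.0.1.10", "10.0.2.22", 22, False),     # SSH toward an RTU
]
```

Because the inventory is closed, the detector never needs attack signatures: a reversed session direction or a command from a read-only host is an alert simply because it is not on the list.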

Scientists at the U.S. Department of Energy’s (DOE) Argonne National Laboratory have developed a novel approach to detecting intrusions. “Physics-based methods are attractive solutions, offering the ability to check data integrity and maintain system stability even in the presence of malicious signals and commands,” says Hyekyung (Clarisse) Kim, a computational scientist at Argonne. Taking a rule-based approach to cybersecurity, Chen and Kim created an algorithm that uses physical laws to verify the data collected through monitoring and control platforms to detect false data injection attacks. “Our tool alerts the operator of an attack status, identifies the compromised device, and replaces the corrupt data with correct values so that grid operations can continue uninterrupted even while an attack is in progress,” Kim explains.
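To make the physics-based idea concrete, here is an added, simplified illustration (not Argonne's tool or algorithm): on a constructed three-bus network with lossless lines, Kirchhoff's current law at each bus and the equal-and-opposite rule for the two ends of a line are enough to detect a forged reading, name the meter, and substitute a consistent value. The network topology, readings and tolerance are all assumptions.

```python
# Simplified physics-based integrity check on a lossless DC power-flow model.
# Added illustration of the idea, not Argonne's tool: Kirchhoff's current law at
# each bus plus end-to-end line consistency are used to detect a false data
# injection, name the offending meter and substitute a physically consistent value.
# The 3-bus network and all readings below are constructed sample data (MW).
from typing import Dict, List, Tuple

LINES: List[Tuple[int, int]] = [(1, 2), (1, 3), (2, 3)]
BUSES = sorted({b for line in LINES for b in line})
TOL = 0.5  # tolerated metering noise

# Pn = net injection at bus n; Pij = flow measured at bus i on line i-j.
READINGS: Dict[str, float] = {
    "P1": 50.0, "P2": -20.0, "P3": -30.0,
    "P12": 30.0, "P21": -30.0, "P13": 20.0, "P31": -20.0, "P23": 10.0, "P32": -10.0,
}


def bus_residual(bus: int, m: Dict[str, float]) -> float:
    """KCL residual: injection minus the sum of flows leaving the bus (0 if consistent)."""
    outgoing = sum(m[f"P{bus}{j if i == bus else i}"] for i, j in LINES if bus in (i, j))
    return m[f"P{bus}"] - outgoing


def detect(m: Dict[str, float]) -> Dict[str, float]:
    """Return {meter: corrected_value} for every reading that violates the physics."""
    corrections: Dict[str, float] = {}
    unbalanced = {b for b in BUSES if abs(bus_residual(b, m)) > TOL}
    for i, j in LINES:
        # On a lossless line the two end readings must be equal and opposite.
        if abs(m[f"P{i}{j}"] + m[f"P{j}{i}"]) > TOL:
            # The forged end is the one whose bus no longer balances; rebuild it
            # from the trusted reading at the far end of the line.
            for bad, good in ((i, j), (j, i)):
                if bad in unbalanced:
                    corrections[f"P{bad}{good}"] = -m[f"P{good}{bad}"]
                    unbalanced.discard(bad)
    # A bus still unbalanced while all its lines agree points at its own
    # injection meter; the consistent value is the sum of its line flows.
    for b in unbalanced:
        corrections[f"P{b}"] = m[f"P{b}"] - bus_residual(b, m)
    return corrections


if __name__ == "__main__":
    forged = dict(READINGS, P21=5.0)  # one flow reading has been rewritten
    print(detect(READINGS))           # clean telemetry passes
    print(detect(forged))             # names P21 and restores the consistent value
```

Identification works here only because every quantity is measured redundantly (both line ends plus the bus injection); with a single meter per quantity the check could still detect the inconsistency but could not say which reading to distrust.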

Physical security
As grid operators often use their own physical networks for communication, physical security is directly related to cybersecurity. For example, a motivated attacker could break into a substation and infect local devices with malware.

Policies, procedures, and awareness
The most devastating cyber-attacks on power grids exploited human behavior, either through phishing or manipulated downloads. These issues cannot be resolved only by employing more advanced security technology. Therefore, training is required to raise employee awareness of security-related behavior. In particular, employees with direct access to essential equipment must be aware of social engineering tactics and equipped to recognize basic social engineering attacks.

Moreover, even with the most effective security procedures and awareness training in place, a security incident (or at least a suspected one) will eventually occur. Therefore, grid operators must design and maintain actionable incident response strategies and procedures, providing their personnel with clear technical instructions on how to respond to security problems.

What is going to make a difference right now to electric utilities is the right technology to defend against cyberattacks in the first place. And for that, it is not one size fits all. You must consider your current security maturity, establish realistic goals to prevent predefined risk, and work with a trusted advisor who knows the critical national infrastructure landscape – and can build your cyber resilience against mandated national standards in your industry. ITEGRITI specializes in programs that help CNI sectors detect breaches, avoid hacks, reduce recovery time and minimize overall business impact in the event of a cyber emergency. Learn more about how ITEGRITI can help you defend your critical infrastructure with our managed security services.