According to the World Economic forum (WEF), 54% of utilities expect a cyberattack this year. This is partly due to the fact that digitization is making utilities more vulnerable, and partly as a result of the fact that the impact of attacks is felt far faster, and is far more detrimental, when it comes to critical infrastructure.
Even two years ago, the typical power or water network wasn’t connected to the internet or multiple other networks. This made utilities a tiny target in the grand scheme of things, making cybersecurity a negligible consideration.
The Internet of Things (IoT), however, has substantially changed the landscape. Offering an effective way for utility grids to become “smart”, the IoT enables devices such as meters to talk to each other and the central network, allowing utilities to make their billing and operations more effective.
As the grid has become smarter, utilities have begun to integrate their Information Technology (IT) and Operations Technology (OT) networks.
This has allowed them to improve predictive maintenance and efficiency and reduce down time, but this is also the means through which hackers have started attacking them.
Cybersecurity attacks threaten the power grid, enterprises, and consumer devices on a nearly constant basis, putting valuable digital assets, private information, and corporate secrets at risk, while also carrying the potential for physical harm. Growing adoption of IoT devices and the systems that support them is increasing the number of vectors and surfaces for cybersecurity attacks against utilities and other enterprises. Thankfully, many of these IoT threats use predictable, known techniques to compromise devices, either targeting weak credentials, unpatched vulnerabilities or both. As a result, many threats are preventable by applying good cyber security practices.
Security must be comprehensive
Today’s intelligent utility needs to have the relevant security systems in place, both for physical and IT/information related security. This security should not only deal with known security threats and vulnerabilities, but also to be able to deal with new threats as the cyber criminals develop them. The security systems required to protect an intelligent utility from cyberattacks need to be multi-layered and protect all parts of the utility, not just the IoT devices.
IoT data is a key defence
The intelligence in the intelligent utility comes from analyzing the data being fed from the IoT devices and performing predictive analytics and artificial intelligence predictions on that data and using this information to dynamically adjust and control the utility. When selecting the tools to fight the rising threat of industrial cyber attacks, it is worth noting that the tools required for cyber protection in an IT environment are different than those required for OT systems.
Effective cyber security tools must be able to detect initial intrusions, but they must also be capable of monitoring systems for malware that lies dormant waiting to attack at a future date. They must also be capable of monitoring and protecting vulnerable legacy assets. That requires timely detection of cyber attacks around the clock to monitor all traffic anywhere in the network, as well as from any device in the network.
Physical security matters
And, because power networks are often distributed across a large area and are often outdoors and in remote areas, an effective cybersecurity solution must be capable of detecting physical tampering. That requires the ability to periodically query individual devices on the network to identify whether any changes have been implemented.
The cybersecurity risks against critical power infrastructure are increasing. A recently released cybersecurity report by Siemens and the Ponemon Institute found that 56% of the utility professionals surveyed — representing electric utilities around the world with gas, solar and wind portfolios, as well as water utilities — suffered one or more shutdowns or loss of operational data every year.
As utilities get more intelligent, so will their need for better security. Local municipalities and government will have a vital role to play in this regard. Governments will need to ensure that the correct levels of security are in place, both physical and cyber, and of ensuring applicable regulations are adhered to.
The Ponemon report found that less than one-third of survey respondents assessed their readiness as ‘high’ if faced with containing a breach. Utilities and municipalities must therefore start prioritizing cybersecurity, going beyond required compliance to adopt risk-based strategies to respond to an evolving threat environment.