How Cybersecurity is Paramount in the Power & Utility Sector
With the fourth industrial revolution on a set trajectory in our way of life, everything has moved online, a shift best illustrated by the advent of technologies like the Industrial Internet of Things (IIoT), AI, ML, and digital twins, to which the power and utility sector is no stranger. It is a well-known fact that anything online in the present circumstances can be prone to cybersecurity challenges, and every online system, including those of the power and utility sector, can be breached and its integrity compromised. In this context, it is evident that power and utility companies must take the necessary steps to protect themselves from such malicious attacks, as this sector comes under the category of vital infrastructure on which entire populations of nations are dependent. However, even though power and utility companies are taking stringent cybersecurity measures, there are various instances where security has been breached and the entire power infrastructure has been left at the mercy of cyber criminals.
For instance, take the ‘Sandworm’ cyber attack conducted by Russian intelligence in Pennsylvania in October 2020, and the Stuxnet computer worm, which was malicious enough to target SCADA, PLC and other control systems of power plant operations due to the prevalence of an open system in the plant. There was also the infamous attack on Ukraine’s electricity grid in 2015, which was a major security breach in the power and utility sector. As a result of this attack, a total of 30 electricity substations were deactivated and nearly 230,000 people were left with no supply of electricity for up to six hours. Such events rarely illustrate the scale and extent of the problem of cyberattacks in the power and utility sector, and as per the International Energy Agency (IEA), due to security concerns, details of other threats and cybersecurity breaches are rarely made public by grid operators. In reality, as per research conducted by Hornet Security, a German cloud security company, a total of 16% of all cyber attacks worldwide are conducted on the power and utility sector.
With reference to cybersecurity in the power and utility sector, technology can act as a double-edged sword, and the massive digital transformation that this sector is experiencing is setting new standards and redefining energy production, transmission, storage and also the consumption of energy by end-users. Power infrastructure is a complex system, and most of it was built a long time ago, when digital systems were non-existent. As a result, there was no interconnectivity between one system and another, and this is what digital transformation is changing in the power and utility sector. With the help of cutting-edge technologies like AI, ML, big data, and others, new business models are being created, with most of the processes in this vital sector being optimized and completely transformed to suit the digital environment of the present times. However, with this transformation, new challenges arise, and cybersecurity is one of the major challenges that power and utility companies currently face.
As the energy infrastructure is highly complex and distributed, cyber security in the energy sector requires proactive protection measures in order to deter cyber attacks. The rapid technological evolution that is daily bringing new technologies to the fore in the power and utility sector presents a major opportunity in this regard. With this comes an increasing risk of cyberattacks, and power and utility companies are rising to this challenge by developing methods and protocols to raise their security levels and deter major system breaches. In this context, it is pertinent to note that as technology has developed, cyber attackers have also developed newer and more sophisticated tools and methods, which they are using to target power and utility companies. These cyber attackers are organized into criminal groups, espionage groups, cyber terrorists and even nation states, which exploit the vulnerabilities of the highly complex power and utility sector, leaving it exposed to various forms of potent cyber threats.
In addition, it should be noted that the power and utility sector is an Intellectual Property (IP) driven industry. This very fact makes the power and utility sector more attractive to cyber attackers, who want to exploit weaknesses in the security systems and carry out cyber terrorism and cyber espionage, which may have political and economic motives as well, giving the attackers intense clout over this sector.
In connection with managing cyber risks in the electricity and power sector, there is an increasing convergence between physical and cyber entities, and if even one of these two facets faces disruption, the other is automatically impacted. This can lead to severe losses of equipment and disruption of the power grid, and there are major concerns regarding the efficacy of various monitoring systems that regulate the flow of electricity or natural gas in a way that doesn’t factor in manual validation or data-integrity checking regimes. As a result, some parts of this highly complex system are prone to data tampering, and this can cause severe disruptions and outages without the built-in safeguards coming into the picture.
On the other hand, the physical security of power infrastructure also has to be considered. It is a critical component in maintaining the integrity of the grid and the connected networks, and sensitive locations like data centers and transmission and distribution sites must be adequately protected. If physical security is found to be lax at these sites, even the cyber security of the entire system may come under great risk of being breached. It should be noted that the cyber components and their associated physical components need to be adequately protected with a highly structured approach in which the various facets of these cyber and physical aspects are systematically integrated to mitigate the risk of breaches, both in the physical and digital realms.
To counter the looming cybersecurity threats, the power and utility industry needs to look at its evolution from a legacy system to the current highly digital avatar. Before the power and utility sector became digitally connected, operators found that the systems and processes of their various plants and networks were isolated, i.e. they were not digitally connected. However, with the advent of the IoT, everything is connected and thus cyberattacks are more likely to happen at the power plant level or in the power grid. Presently, as each and every critical component of the power infrastructure or technology is interconnected, this intense digitalization has led the power and utility industry to come to terms with a dynamic energy market, and has become indispensable.
Due to this, power and utility companies need to take a fresh look at their supply chains and make them highly secure. This supply chain includes the main power plant premises, power lines, and substations. All these entities are highly diverse and consist of various devices, components and software from different vendors, and are thereby not sourced from a single manufacturer. Hence, it is important to consider all such components while framing the cyber security framework for power and utility companies, as any of the components may have a security breach in them, or cyber attackers can exploit a weakness in any of these diverse systems. The cyber security policy of the power and utility sector therefore needs to factor in such vulnerabilities so that any weakness in the entire power supply chain is eliminated.
In addition, power and utility companies can use AI-based cybersecurity solutions to develop robust monitoring systems that can detect potential threats, protect highly distributed and sometimes highly remote assets, and keep them safe from breaches. These assets may include smart meters, pipeline compressors, or even EV charging stations. Based on this, power and utility companies need to forge partnerships with various entities that form a protective shield for the kinds of equipment and systems mentioned above, make sure that each and every facet of the electricity supply chain is protected, and thus keep themselves one step ahead of cyber attackers.
To secure the power and utility sector against lethal cyberattacks, companies have to adopt a proactive approach in which their security apparatus acknowledges the interconnectivity of automated systems, which gives companies a wealth of data, and uses this information to improve critical processes and optimize the system from a cybersecurity point of view. However, if not well prepared for or recognized, this very interconnectivity can lead to security breaches and make the entire system vulnerable to cyber-attacks. This situation also prevails where open protocol networks are operating; these are necessary for distributed control systems, which are considered highly beneficial. However, this also leaves the entire distributed system open to risks, and it may just be a matter of time before the weaknesses in such systems are exploited and a major breach is observed.
Another challenge facing the power and utility industry in the realm of cybersecurity is the prevalence of legacy equipment and systems in its critical processes, and more often than not, the companies that are most vulnerable to cybersecurity breaches are adopting a disjointed approach towards plugging such gaps in the security apparatus. To prevent this, risk assessments need to be conducted that expose such weaknesses in the system, replace the obsolete machines or networks, and equip the entire power equipment with a highly sophisticated system that is updated to current standards.
In addition, power and utility companies need to recognize that their staff is one of the key components of a highly secure system that protects the entire power system from cyber attackers. Some security breaches may occur if one or more employees make a genuine mistake that exposes the system to various cyber threats. However, it may also happen that one or more employees purposely make the system vulnerable to cybersecurity breaches, and there is no way such sinister elements can be prevented from harming the entire system. Hence, there is a need to train the staff on the most up-to-date security systems, and companies need to follow set protocols to eliminate such threats. In addition, power and utility companies need to conduct a thorough risk assessment in which they ask themselves what level of risk they are willing to endure and what the costs are of upgrading their security against threats that may not be imminent, but serve as a constant reminder not to let their guard down.
The first facet of a robust risk mitigation strategy against cyber attacks in the power and utility sector is the creation of cyber-resilience governance in which the efforts of all stakeholders are aligned towards one common goal and clear accountability is set, which is paramount to success. Also, the concept of cyber security needs to be ingrained in the psyche of everyone involved, including the staff and management of power and utility companies, and cybersecurity needs to emerge as an important design parameter that is considered while framing cybersecurity frameworks.
This also includes an unwavering commitment by power and utility companies to cybersecurity and requires a strong mandate in the form of funds and accountability. In addition, it needs to be recognized that weak links in cybersecurity may lie outside the power and utility companies’ ecosystems, and there may be risks associated with the sensors or equipment of third-party vendors. By managing the security parameters of such entities, cybersecurity maturity across all facets of the organization is strengthened and stabilized. Last but not least, crafting cyber resilience plans helps cybersecurity personnel to improve their protocols and strategies, giving rise to a robust cyber defense system.
The cybersecurity experts at KCS will study all your requirements in detail and figure out the regulation and compliance requirements that will help you in strengthening the cybersecurity apparatus accordingly. After this, our experts will detail the critical assets of your power and utility business and map out the threats in the various processes and systems associated with the cybersecurity aspects of your entire operations. This leads to finding gaps in your current security landscape: our experts will assess the maturity of current cybersecurity solutions, identify gaps in them, and make additions and alterations that help your security systems comply with industry standards. This step leads to the phase-wise implementation of the different components of the cybersecurity roadmap, which makes your cybersecurity apparatus robust and updated to face the latest threats. KCS power and utility experts will also help you in creating your own intellectual property (IP) by benchmarking the solutions and equipment developed by third-party vendors that are compatible with your systems and processes.