Gauging from recent media reports, it would appear that power grids are vulnerable to cyberattacks. This has raised concerns that hackers are a mere switch away from plunging the world into darkness.
Over a month ago, a report revealed that hackers compromised an Irish power grid company by installing eavesdropping software on its routers. In early July, a report revealed that hackers have been trying to penetrate the computer networks of operators of nuclear power stations and other energy facilities. Late last year, code used by a Russian hacking operation was discovered within the system of a Vermont power grid.
These stories, however, do not mean that power grids are not capable of protecting themselves from cyberattacks.
Power Grids Are Safe, Says Expert
He says that electric grid infrastructure is usually quite reliable and safe. This is due to the strong safety culture of industrial engineering. Lee cites an example about recovering from a portion of the U.S. power grid going down. Operators can move away from computers and perform manual operations to get the infrastructure back up within a matter of hours, or days at most.
Protecting Power Grids Against Hackers
Lee admits that hackers are becoming more aggressive as their learning grows about infrastructure from both computer technology and industrial engineering standpoints. In addition, increasing automation has resulted in use of more computer-based platforms instead of manual operations. This provides attackers an increased opportunity to launch cyberattacks on these standardized computer-based platforms.
Cyberattacks usually have two broad categories: The first one where the primary motive is to gain, steal, or delete information; the second category involves causing physical damage to equipment and causing power outage.
Lee, however, does not see any legitimate reason for adversaries to target industrial infrastructure outside of conflict scenarios. Traditionally, hackers have not focused on compromising power grids not because they don’t want to. Rather, this is because of the minimal return on investment of carrying out such an operation. However, that does not rule out the possibility of such an attack.
Protecting power grids against cyberattacks requires the appropriate architecture to build a robust infrastructure. This applies a layer of security right from the beginning. Operators will then need passive defense in the form of vendor tools and security tools, followed by active defense in the form of experts hunting for attackers from within the environment. There is also a need for intelligence, which possibly entails infiltrating adversary networks, and even offense, which targets malicious infrastructure.
Lee believes that active defense requires the most attention, as there are less than 1,000 Industrial Control Systems (ICS) cybersecurity professionals worldwide. There needs to be a focus on training humans to counter adversaries, and with them, power grid cybersecurity defense has a strong upper hand against attackers.
Achieve IoT Success
We understand the challenge of transforming an organization to embrace the Internet of Things. Let us help you increase your probability of success.
Contact Amyx+ for a free initial consultation.
About Amyx+ IoT Business Transformation | Strategy | Innovation | Product | Data Analytics
- Voted Top IoT Influencer by Skyhook
- Voted Top IoT Rockstar by HP Enterprise
- Voted Top IoT Influencer by Inc. Magazine
- Voted Top in the Business of IoT by Relayr
- Voted Top Global IoT Expert by Postscapes
- Voted Top IoT Authority by the Internet of Things Institute
- Featured as a Top Internet of Things Company by Postscapes
- Voted Most Influential in Smart Cities and IIoT by Right Relevance
- Winner of the Cloud & DevOps World Award for Most Innovative Vendor
Amyx+ is an award-winning IoT business transformation firm specializing in IoT strategy, innovation & product development. As a thought leader in the Internet of Things, Amyx+ has the creative horsepower and the development prowess to execute even the most complex client engagements. Amyx+ is working with international and multinational enterprises to help 1) understand the impact of IoT disruptions, 2) formulate and sharpen their IoT strategy, 3) quantify the business case, 4) experiment, learn, validate, 5) develop game changing technologies, and 6) launch innovative IoT products and services worldwide. We employ a flexible methodology and approach to fit the client and needs & objectives while adapting to changing IoT environments. We have presence in San Francisco, NYC, and throughout Europe.