On August 26 of this year, Montenegro’s state infrastructure was hit by an “unprecedented” cyber attack, and national government officials expressed concern.
“Some services were temporarily suspended for security reasons, but the security of citizens’ and companies’ accounts and their data was not at risk,” Public Administration Minister Maras Dukaz announced on Twitter.
It is the latest in a series of large-scale attacks on European grids, systems, subsystems, equipment, software and services. In an article for a leading electrical industry magazine, Bernard Montel, the Europe, Middle East and Africa (EMEA) security strategist and technical director at Tenable Corp, outlined the growing threat of cyber attacks on utilities by both state actors and criminals.
Montel expressed particular concern because the amount of digitization currently underway across the industry “merges previously separate systems and allows attackers to exploit weak points in one before moving on to another”. Tenable counts many EU-based utilities among its core clients.
Hackers constantly find ways to use any vulnerability in a system to their maximum advantage. This is as much a problem for consumers as it is for commercial enterprises. Concerns about weak control systems are now adding to the stress created by hacker attacks on systems, such as physical destruction, electronic jamming or denial of service.
Existing supervisory control and data acquisition (SCADA) hardware is primitive. PlugInAmerica.org Director Ron Freund said: “It doesn’t handle common errors nicely, and isn’t reliable, much less scalable. But it’s not on the internet yet, so inaccessible for the most part. In fact, it’s scary how primitive some of these systems still are.”
Over the past few years, hackers have been focusing their attacks on vulnerabilities in electrical systems. In the case of charging stations, some of these soft spots are located inside the station itself, others are inside the equipment that controls the connection between the grid and the station, and still others are inside the assets on the grid side of the system, which are mostly owned by utilities.
To understand the threat, consider the various attacks targeting Europe-based wind energy companies Deutsche Windtechnik, Enercon and Nordex. In three separate incidents, the hackers’ focus was different: malicious actors cut off power; identity theft occurred; and payment for electricity was stolen.
In most cases, such attacks can result in service disruptions affecting customers and revenue loss for power providers and/or asset owners.
In response to growing threats to critical infrastructure, the European Union (EU) has called on the utility sector to strengthen its cyber security hygiene and posture. The European Commission is backing up this call to action with €100m of funding, which utilities can use to support and improve their cyber security hygiene and strengthen their defences. The funds can also be used to help utility companies recover from cyber attacks and build resilience into their core systems.
It may be useful to compare this approach with what the United States is doing. The federal government there is providing $335m for utilities to develop cyber security plans, train staff and buy equipment. The investment is intended to help modernize the country’s critical infrastructure while protecting against cyber threats, to help reduce the likelihood of disruptions to essential services.
Kerry Smith, President and CEO of Parsons Corporation, a technology-focused defense, intelligence, security and infrastructure engineering firm, said: “Utilities are taking steps to harden their systems against cyber threats by investing in security measures and operations. These changes come as utilities face a growing threat across the landscape.
“In recent years, there have been several high-profile cyber attacks against critical infrastructure, each reminding us that utilities must be prepared to defend themselves against sophisticated threats. It is a vital investment in security and will help protect critical infrastructure from growing threats from nation states, terrorists and criminals.”
Utilities rely on operational technology (OT) to manage their facilities and systems, provide service to customers, collect billing information from meters, control demand response devices, and coordinate their operations with other utilities. Companies that generate, transmit or deliver electricity are in a rapidly changing environment. They face growing demands on a grid that increasingly dispatches ever-increasing energy sources—solar, wind and other renewable resources.
Utilities are trying to optimize their operations and get more performance out of existing equipment to address the demands of renewable resources.
Smith added: “Utilities are beginning to rethink their approach to cybersecurity. Traditionally, they have focused on protecting their OT from external threats. However, as the grid becomes more complex and interconnected, utilities need a more holistic approach to cybersecurity.”
All of this additional optimization, performance improvement and coordination requires utilities to do a better job of monitoring and controlling the growing number of connected devices across their growing OT systems.
As part of this, they must modernize and upgrade their OT networks, including integrating OT with information technology (IT) networks to create more integrated and efficient operations. However, while bringing a utility’s IT and OT networks under a single operational umbrella brings efficiencies, growing security threats and growing security and privacy requirements come into play.
As such, a growing network of experts say it’s important for utilities to consider security at every stage of an OT or IT network integration project—from design and implementation to ongoing management and monitoring.
Parsons Corporation’s Critical Infrastructure Cyber team applies a unified approach to the security and resiliency of OT and IT technology networks. Its approach includes these key elements:
- Establish a clear security strategy and governance framework up front: Define roles and responsibilities for security across the organization and be sure to consider security in all decision-making steps related to OT and IT network integration projects.
- Conduct a comprehensive risk assessment: Identify and assess risks associated with integrating OT and IT networks and develop mitigation plans accordingly.
- Design security into new architectures: Build security into the system design from the start, rather than trying to bolt it on later.
- Implement strong authentication and authorization processes: Ensure that only authorized users have access to specific parts of the system and that all user activity is properly logged and monitored.
- Adopt a defense-in-depth approach: Apply multiple layers of security controls to protect against various threats.
- Include security testing and validation: Regularly test the security of the system to ensure it is working properly and all vulnerabilities have been addressed.
- Provide and require cybersecurity training and awareness for employees: Employees who question strange or unusual items are the first line of cyber defense.
- Adopt control and security for the supply chain: It’s a good idea to check suppliers’ employees (including subcontractors) and any computers or other devices used or purchased through suppliers.
- Build a redundant and resilient integrated OT and IT system: To ensure high availability, it is important to build the OT system to a fault-tolerant standard.