Cybersecurity Threats – The New Reality for Utilities
Cybersecurity experts agree: cyberattacks are the new reality for utility companies. On Jan. 10, 2018, a major power outage hit the Consumer Electronics Show (CES) in Las Vegas. For nearly two hours, participants were reminded that without electricity, the digital economy would not survive very well. In 2016, 3.85 trillion kilowatthours (kWh) [EIA] were consumed in the U.S., enabling consumers, transportation, and commercial and industrial businesses to perform their daily activities. There is no doubt that, all over the world, national and regional power grids are critical infrastructure requiring adequate protections such as the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) plan.
On Dec. 23, 2015, a major cyberattack on the Ukrainian Kyivoblenergo, the country’s regional electricity distribution company, left 10 substations disconnected for more than three hours. A foreign attacker had remotely controlled the SCADA distribution management system, which knocked out power distribution to more than 225,000 people across the region. Why the power went down wasn’t immediately known. However, shortly after the incident, Ukrainian government officials, as well as private companies and the U.S. government, performed analysis and determined the outages were caused by a cyberattack, and that Russian security services were responsible for the incidents.
According to many cybersecurity experts and as published by IIoT World, these attacks are on the rise and becoming more sophisticated. It’s not about if, but when they occur.
What does that mean for utilities? It means that preparing for cyberattacks must become the new normal. Physical security and cybersecurity of critical assets must be integrated into smart grid design, product selection and deployment, increasing readiness for attack protection and mitigation. Regular staff training on cybersecurity, disaster recovery plan definition and audits must be high priorities among senior leaders’ objectives. Building an end-to-end, complete grid security solution is imperative. Find out more about the best cybersecurity risk mitigation strategies.
Here are four things to know:
- It’s not a matter of if your security perimeters get compromised, but when.
- Attacks are going to get more frequent and sophisticated.
- Products, tools, best practices and more are available to help companies protect their infrastructures and mitigate the threats.
- We made significant investments and we have a lot of momentum in the security space.
Our mantra is that every device on the network is a security asset. For a utility company, that means from production to transmission (in or out of the substation), to distribution (down to the meters and distribution assets), all operations issued from the control center, operations center and data center to and from the grid are covered.
Outsmart the cybersecurity threat
We’re seeing an evolutionary shift from aging legacy systems, process control system protocols and unconnected devices. With legacy protocols, nobody could detect or know about threats. Now, these systems are being retrofitted and architectures are developing to make these newly connected devices more secure within the distribution grid.
We now have a level of visibility into the network that we didn’t have with the legacy systems. We can detect an anomaly, determine if it’s normal or abnormal behavior and then provide intelligence about what is going on.
Here’s an example of the power of our security system. Imagine that there is an analyzer on a transformer pole in the middle of Idaho. Using profiling and analytics, we are able to monitor the traffic and detect any anomalies. We will know if it’s going to an unusual destination (another country, for example) or if it’s not being sent via DNP or Modbus.
If anything unusual is detected (if, for example, someone modifies our device or software on purpose or by accident), Cisco can detect the change, reconfigure it and change it back, reject it from the network or reset to the factory standards.
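The traffic profiling described above can be sketched as a check of each flow against a per-device baseline. This is an added example, not Cisco's implementation: the `Profile` and `Flow` schemas, the addresses and the sample flows are all constructed, and the protocol is inferred only from the registered TCP port (502 for Modbus/TCP, 20000 for DNP3), where a production system would inspect the payload.

```python
"""Per-device traffic profile check over flow records (constructed sample data)."""
import ipaddress
from dataclasses import dataclass

# Simplification: protocol inferred from registered TCP port, not payload inspection.
PROTOCOL_PORTS = {502: "modbus", 20000: "dnp3"}


@dataclass(frozen=True)
class Profile:
    """Expected behaviour of one field device (hypothetical schema)."""
    allowed_nets: tuple           # CIDR networks the device may talk to
    allowed_protocols: frozenset  # protocol names from PROTOCOL_PORTS


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dst_port: int


def check_flow(flow, profiles):
    """Return the reasons a flow deviates from its device profile ([] if none)."""
    profile = profiles.get(flow.src)
    if profile is None:
        return ["unprofiled device"]
    reasons = []
    dst = ipaddress.ip_address(flow.dst)
    if not any(dst in ipaddress.ip_network(n) for n in profile.allowed_nets):
        reasons.append("unexpected destination")
    # Unknown ports map to None, which is never in the allowed set.
    if PROTOCOL_PORTS.get(flow.dst_port) not in profile.allowed_protocols:
        reasons.append("unexpected protocol")
    return reasons


# Constructed sample: one pole-mounted analyzer and its control-center subnet.
PROFILES = {"10.20.30.40": Profile(("10.1.0.0/24",), frozenset({"dnp3", "modbus"}))}
FLOWS = [
    Flow("10.20.30.40", "10.1.0.15", 20000),     # normal DNP3 traffic
    Flow("10.20.30.40", "203.0.113.77", 20000),  # DNP3 to an outside address
    Flow("10.20.30.40", "10.1.0.15", 22),        # SSH, not a grid protocol
    Flow("10.20.30.99", "10.1.0.15", 502),       # device with no profile
]


def find_anomalies(flows=FLOWS, profiles=PROFILES):
    """Map each deviating flow to its reasons; conforming flows are omitted."""
    return {f: r for f in flows if (r := check_flow(f, profiles))}
```

A device with no profile is reported rather than ignored, so an unknown device appearing on the grid network is itself treated as an anomaly.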
When we design a network for security, it’s a mix of best practice, product, and design. We can protect what we know, but at the same time, you have to mitigate what you don’t know. Mitigating the effects of the attack through product design is just as important.
This article was written by Dave Schmitt, Global Utility Solutions Architect, Kinetic Industrial Products Group. Dave has been with Cisco Systems for over 17 years, 15+ of those years working with and supporting utilities of various sizes. Overall, he has more than 30 years of experience in the computer and networking industry. Dave has supported design and managed networks for some of the largest public and private institutions globally. Read the original version of this article here.