National power grids are increasingly becoming a target for hackers. Several attacks have been reported across the globe in recent years, drawing the world’s attention to the vulnerability of national power supply systems and calling into question the safety of these and other infrastructural services.
“‘Cyber attacks’ with widespread infrastructural failures as their goal have the potential to take down a country’s power grid, as already proven by previous attacks. This has made cybersecurity a number one priority for global corporates, and often their first step to achieving this is by future-proofing their operations,” says Taru Madangombe, Schneider Electric Energy VP for Southern Africa.
“In order to future-proof, utilities must revise their attitudes towards cybersecurity, highlighting it as a pressing need rather than an afterthought. Hackers tend to focus on attacking critical infrastructure industrial processes, rather than physical assets.”
Many plants are convinced that their networks are isolated and consequently secure, but without ongoing audits and intrusion detection, that security could just be a delusion.
“The growing demand for open information sharing between business and production networks increases the need to secure transactions and data. For power generating companies, where consequences of an attack could have widespread impact, the need for cybersecurity is even more pressing,” he says.
The open and interoperable nature of today’s industrial automation systems — many of which use the same computing and networking technologies as general-purpose IT systems — requires engineers to pay close attention to network and cybersecurity issues.
“It’s also important to remember that threats can come from many sources, external or internal, ranging from terrorists, disgruntled employees, to environmental groups and common criminals. Making matters worse, the technical knowledge, skills, and tools required for penetrating IT and plant systems are becoming more widely available. As the incidents of threats increase, the level of sophistication necessary to implement an attack is decreasing, making it easier for intruders.”
Power engineers play a critical role in hardening power operations against intruders; however, the collaboration and support of both corporate management and the IT department are essential.
A recent companywide vulnerability audit of a large U.S. utility revealed some areas of technical vulnerability in the control system, but most of the findings had to do with organisational problems, such as lack of plant-wide awareness of cybersecurity issues in general, inconsistent administration of systems, lack of a cybersecurity incident response plan and poor physical access to some critical assets.
“Corporate management must acknowledge the need for secure operations, and because few companies have the resources to harden all processes against all possible threats, management must guide the development of a security policy that will set organisational security priorities and goals. In having all departments working together, project engineers must understand the security risks and possible mitigation strategies, while IT, which brings much of the security expertise, must understand the need for real-time availability to keep units online,” says Madangombe.
“Management must also recognise that investment in prevention will have a far greater payback than investment in detection and removal. Although investment in the latter areas may be necessary to ward off immediate threats, focusing on activities that prevent attacks in the first place will reduce the need for future detection and removal expenditures,” he concludes.