Cybersecurity and the distributed grid: A double-edged sword

AUTHOR: Robert Walton @TeamWetDog PUBLISHED May 21, 2018

wo evolutions are taking place around the power sector today, which could make it more difficult to defend from a growing cyber threat.

Hackers are becoming increasingly sophisticated in their attempts to disrupt electric grids. Attacks are more targeted, including spear phishing efforts aimed at individuals, and are shifting from corporate networks to include industrial control systems.

At the same time, the grid is becoming increasingly distributed and connected. Older power plants have been spared cyber attacks because they were not connected to the internet (which may not have existed when they were built). New resources are connected — though they are also being constructed with security in mind. And in this growing Internet of Things world, just about every device imaginable can create a potential vulnerability.

This creates something of a double-edged sword, say security experts. On the one hand, it distributes risk and the consequences of a successful breach. But it also creates a broader “attack surface” with more vulnerabilities and opportunities for attackers to gain access.

“In theory, a grid with more distributed resources can increase the potential attack surface for adversaries because the capacity of distributed generation, including renewables, has grown exponentially over the last decade.”

Bill Lawrence,

Director, NERC’s Electricity Information Sharing and Analysis Center

“Modern grid technologies expose existing security vulnerabilities in new ways, as well as introduce new benefits,” Advanced Energy Economy Institute concluded in an assessment of cybersecurity challenges on a distributed grid, published earlier this year.

The report also found the energy industry is “learning important lessons from the high profile, and high impact, attacks that have affected a large number of users in the United States during the past two years.” AEEI noted that several attacks have used internet-connected devices “such as baby monitors, webcams, and other smart home devices.”

No major disruptions yet
Thus far, the utility sector in this country has dodged any major disruptions due to cyberattacks. There have been minor intrusions, malware infections and false alarms, but so far, hackers have not been able to turn off the lights. Increasingly, however, security experts concede a successful attack is likely to happen eventually.

“In theory, a grid with more distributed resources can increase the potential attack surface for adversaries because the capacity of distributed generation, including renewables, has grown exponentially over the last decade,” Bill Lawrence, director of NERC’s Electricity Information Sharing and Analysis Center, told Utility Dive in an email.

Some of the success in deflecting attacks so far, said Lawrence, is because many of the new distributed resources are including cybersecurity concerns and plans from the start of a project, and up-to-date security solutions are coming to market. Some of those security products, he said, have been developed through the Department of Energy’s Cybersecurity for Energy Delivery Systems research and development program.

DOE’s Office of Electricity developed the R&D program, aiming to help energy sector asset owners. The Office of Electricity’s website neatly presents some of the difficulties presented by distributed resources.

Get electric utility news like this in your inbox daily. Su

SPONSORED BY WEST MONROE PARTNERS