Over the past few years energy networks have been gradually transforming into smart grids.
While increased connectivity is helping optimise energy reliability and performance, it has also led to a heightened vulnerability to cyber attacks, with whole systems dependant on the security of their operators and millions of electronic devices linked to critical power facilities.
However, despite growing fears, uncertainty remains in the industry over the extent of this threat, with few companies taking tangible steps to prepare for the worst.
Two companies shifting their focus to the growing need for cybersecurity are the European Network for Cyber Security (ENCS) and the European Distribution System Operators’ (EDSO) Association for Smart Grids.
The firms, which have been partners for the past two years, added an addendum to their Memorandum of Understanding (MoU) that expands and ‘intensifies’ their focus on areas such as security requirements, training, regulatory recommendations and validation and testing of cybersecurity solutions.
Here, Scarlett Evans speaks with ENCS managing director Anjos Nijk about the dangers cyber attacks pose to smart grids, and the hopes that this updated partnership can combat the problem.
Scarlett Evans (SE): What challenges do smart grids face in protecting against cyber attacks?
Anjos Nijk (AN): Electricity grids are complex systems, highly interconnected and with legacy equipment from decades even before the development of telecoms and internet technology. Most of the systems were built without any security requirements taken into account.
With the current speed of digitisation of the grid systems, which is needed to facilitate the energy transition, and the speed of connecting new systems and technologies to the grids, such as smart metering, electrical vehicle charging and IoT [Internet of Things], grid systems become vulnerable and the ‘attack surface’ expands rapidly.
A particular aspect of the energy grid is the risk of cascading. This means that if a large system is damaged, other systems will be infected as well. This then may lead to a big-scale blackout – even beyond country borders – as the entire grid system is connected. Even other critical infrastructure such as transport and healthcare can be affected, as they all rely on energy supply.
So, to get technology in control by implementing secure architectures and system hardening is a must. It is crucial to assure only new systems that comply with minimum security requirements posed by the grid operators will be added to the grid.
Another main issue is the need for, and lack of, the knowledge and skill sets that grid operators require. Not only to integrate the new technologies in the grid, but also how to operate the new environments managing multiple technologies and increasing data volumes. To do all of this in a secure way, a thorough understanding of security concepts and how these should be applied in this fast-changing environment is needed. There is currently a lack of qualified staff in this domain and these skills and knowledge are extremely hard to develop.
Since the Ukraine blackouts, we know that energy grids can be brought down by hackers. So, as a grid operator you have to be prepared. Intrusion detection systems, role-based training for various roles in the organisation, red team/blue team training and exercises are all needed.
The last few years have shown that malicious players have developed rapidly, with increasing volume and sophistication of attacks. It’s a huge challenge for the grid to keep up with the pace of the cyber attackers and technologies.
Why is cybersecurity of increasing importance to energy networks?
Ten years ago the energy grid was still a fully stand-alone system. Now, it gets more connected by the day. Non-secure systems are added and existing non-secure systems get more exposure into an increasingly complex architecture of the overall grid system. Criminal actors have identified opportunities to create business models with malware such as ransomware; nation state actors explore capabilities in hybrid warfare. We have seen convincing real-life examples now. If the bank is hacked, you lose money: if the energy grid is hacked, you may lose lives.
What do you hope to achieve through the newly updated EDSO partnership?
There is only one way to cope with the challenges ahead, namely collaboration. To build and maintain the needed expertise becomes possible if the best experts create solutions for the benefit of the entire grid industry, which requires sensitive information to be shared. With the updated ENCS-EDSO partnership we do exactly that, by intensified collaboration on security requirements for various grid domains, testing, providing expert support to Network Code and standardisation groups, security training programmes and security community building.