Why global power grids are still vulnerable to cyber attacks – Times of India
As utilities flip to sources of renewable vitality and add tens of millions of different parts like sensible meters, they’re quickly multiplying the quantity of connections and sensors alongside their networks, widening the potential for intrusions.
“Power grids are getting increasingly vulnerable because of digitalisation and the use of more smart applications,” mentioned Daine Loh, a Singapore-based power and renewables analyst at Fitch Solutions.
It’s a risk highlighted in an preliminary probe in India that discovered an October blackout in Mumbai could have been attributable to cyber sabotage. That outage impacted inventory markets, trains and hundreds of households within the nation’s monetary hub. The disruptive potential of grid failures — as seen in Texas final month due to a sudden deep freeze — makes the sector a key goal, significantly for state-based mostly hostile actors.
Over the previous 4 many years, power vegetation and substations have been shifting from handbook to computerized controls, and are more and more being related to private and non-private networks for distant entry, leaving them uncovered to attacks. Producers and distributors have additionally usually been reluctant to spend on defending themselves towards low-likelihood attacks.
“India’s power system is in urgent need of proper cybersecurity systems,” mentioned Reji Kumar Pillai, president of India Smart Grid Forum, a assume-tank backed by the India’s power ministry and which advises governments, regulators and utilities. “Both the state and the central governments need to treat this with utmost urgency, without waiting for a disaster to happen.”
There’s been a pointy rise over the previous two years in cyber attacks concentrating on crucial infrastructure, together with grids, and it’s additionally turning into simpler for hackers to achieve entry to key gear, in accordance to Darktrace, a UK-headquartered safety supplier.
“There is now a path for attackers to run from spoof emails in an employee’s inbox right through to critical gas compressors and turbines,” mentioned Sanjay Aurora, Darktrace’s managing director, Asia-Pacific.
The US Department of Energy and its National Nuclear Security Administration mentioned in December they have been amongst targets in a suspected Russia-backed hack. Nuclear Power Corp of India Ltd mentioned in 2019 that malware contaminated a pc community used for administrative capabilities.
Attacks aren’t confined to power grids. Recorded Future, a privately held cybersecurity agency based mostly close to Boston that tracks malicious exercise by nation-state actors, mentioned it observed exercise by a China-linked group towards an Indian maritime port this week.
“Essential state infrastructures like power grids and nuclear reactors have been and will continue to be a target of cyber attacks because modernisation allows internet connectivity, which makes them vulnerable,” mentioned Kim Seungjoo, a professor at Korea University’s School of Cybersecurity. “It’s almost a natural instinct of hackers, especially the state-sponsored ones, to attack energy infrastructure because they can easily disrupt national security.”
