Why global power grids are still vulnerable to cyberattacks

A file photo shows power lines in Houston, Texas. The disruptive potential of grid failures – as seen in Texas last month due to a sudden deep freeze – makes the sector a key target, particularly for state-based hostile actors. — AP

More than five years after massive cyberattacks left a quarter of a million Ukrainians without electricity, the world’s power grids have become even more vulnerable to hackers.

As utilities turn to sources of renewable energy and add millions of other components like smart meters, they’re rapidly multiplying the number of connections and sensors along their networks, widening the potential for intrusions.

“Power grids are getting increasingly vulnerable because of digitalisation and the use of more smart applications,” said Daine Loh, a Singapore-based power and renewables analyst at Fitch Solutions.

It’s a threat highlighted in an initial probe in India that found an October blackout in Mumbai may have been caused by cyber sabotage. That outage impacted stock markets, trains and thousands of households in the nation’s financial hub. The disruptive potential of grid failures – as seen in Texas last month due to a sudden deep freeze – makes the sector a key target, particularly for state-based hostile actors.

Over the past four decades, power plants and substations have been moving from manual to automatic controls, and are increasingly being connected to public and private networks for remote access, leaving them exposed to attacks. Producers and distributors have also often been reluctant to spend on protecting themselves against low-probability attacks.

“India’s power system is in urgent need of proper cybersecurity systems,” said Reji Kumar Pillai, president of India Smart Grid Forum, a think-tank backed by the federal power ministry and which advises governments, regulators and utilities. “Both the state and the central governments need to treat this with utmost urgency, without waiting for a disaster to happen.”

There’s been a sharp rise over the past two years in cyberattacks targeting critical infrastructure, including grids, and it’s also becoming easier for hackers to gain access to key equipment, according to Darktrace, a UK-headquartered security provider.

“There is now a path for attackers to run from spoof emails in an employee’s inbox right through to critical gas compressors and turbines,” said Sanjay Aurora, Darktrace’s managing director, Asia-Pacific.

The US Department of Energy and its National Nuclear Security Administration said in December they were among targets in a suspected Russia-backed hack. Nuclear Power Corp of India Ltd said in 2019 that malware infected a computer network used for administrative functions.

Attacks aren’t confined to power grids. Recorded Future, a privately held cybersecurity firm based near Boston that tracks malicious activity by nation-state actors, said it noticed activity by a China-linked group against an Indian maritime port this week.

“Essential state infrastructures like power grids and nuclear reactors have been and will continue to be a target of cyberattacks because modernisation allows Internet connectivity, which makes them vulnerable,” said Kim Seungjoo, a professor at Korea University’s School of Cybersecurity. “It’s almost a natural instinct of hackers, especially the state-sponsored ones, to attack energy infrastructure because they can easily disrupt national security.” – Bloomberg

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 46
Cxense type: free
User access status: 3

Next In Tech News

After Amazon: Labour tries to regroup in wake of Alabama loss
Facebook wants to help you recognise satire
FBI: Far-right extremist planned to blow up Amazon datacentre
Apple facing supply shortage of upcoming high-end iPad displays
Fed chair says cyberattacks main risk to US economy
Microsoft makes big bet on healthcare AI technology with Nuance
Myanmar youth fight Internet outages with underground newsletter
Record Alibaba fine shows China’s big tech can’t fight back
HSBC and Huawei CFO reach agreement on document publication linked to extradition case
Microsoft in discussions to buy Nuance Communications: report

Stories You'll Enjoy