Utilities are more connected than ever before. What was once a largely analog industry has introduced new technologies that improve performance, reduce costs, and enhance operations.
With increased connectivity, however, comes an increased risk of cyber attacks. And as threats become both more sophisticated and more frequent each year, utilities must ensure that cyber security is carefully considered with every investment.
Fortunately, there are steps that utilities can take to mitigate the risk and consequences of an attack, allowing them to achieve the benefits of new technology while ensuring the reliable flow of power to customers.
The Growing Threat of Cyber Attacks
As critical infrastructure, the energy industry in general, and the electricity industry in particular, are attractive targets for nation-states, organized crime, hacktivists, and other malicious actors. A recent report showed that the energy industry was the fourth most targeted by cyber attacks in 2022, accounting for 10.7 percent of observed attacks.
The frequency of attacks has increased as well. Data from 2021 showed a 46 percent year-over-year increase, with the utility sector experiencing an average of 736 attacks per week.
So far, there have been relatively few examples of large-scale cyber attacks on energy infrastructure. But the industry is not immune to the threat. Two widely cited examples, the 2015 attack on a Ukrainian utility and the 2021 ransomware attack on a major US oil conduit, show what can happen if malicious actors gain access to critical energy infrastructure.
The worst-case scenario is a widespread and prolonged shutdown of the electricity grid, but most attacks are not designed to inflict such catastrophic damage. Many instead have smaller goals, such as disrupting internal operations and productivity, stealing sensitive customer information, or blocking access to files in exchange for a ransom payment.
Though not as severe, these types of attacks still impose significant consequences. A recent Trend Micro survey of companies in the US, Germany, and Japan found that the monetary damage to the electricity and energy industry from cyber attacks reached more than $3.4 billion in 2021.
Cyber Security Challenges In the Utility Industry
In addition to being an attractive target, the nature of the utility industry presents companies with some unique challenges.
For example, the average top 25 US power company has 121 plants spread over 94,000 miles, representing a large and vulnerable attack surface. Further, many utilities are made up of multiple business units focused on different aspects of generation, transmission, and distribution. Combined, these factors make it difficult to implement and coordinate effective and consistent security measures.
Another challenge is that the utility industry relies heavily on third-party vendors. A typical utility runs a complex mix of legacy equipment that may no longer be supported, specialized devices from technology startups, and high-value assets critical to the flow of power. And as more connected devices are deployed to enable the smart grid, the number of potential vulnerabilities will continue to expand.
Basic Security Practices to Reduce Risk
In response to these threats, it’s no surprise that utilities are increasingly concerned about cyber security, especially when procuring and deploying technologies that connect to the network.
Thermal & visual sensors, for example, require connectivity to transmit data on asset health to the Operations & Maintenance and Asset Management teams.
Fortunately, there are measures utilities can take. Many low-skilled threats can be avoided through basic security practices, such as implementing strong password requirements and changing passwords regularly. Employees should be trained to recognize suspicious emails, links, and websites that may contain malware, and to avoid plugging in any unknown storage devices such as USB sticks or external hard drives.
When partnering with a technology vendor, ask about their security policies and the procedures they have in place to secure their devices. Work closely with them to best introduce the solutions to the network without increasing the risk of cyber attack.
Securing Thermal & Visual Sensors for Touchless Monitoring
At Systems With Intelligence, we’re conscious of security with every decision that we make. We conduct regular vulnerability and penetration assessments and have designed our code to be resilient against common attack vectors.
There are two primary security considerations when deploying thermal & visual sensors for remote substation monitoring: the collection and use of sensitive information, and the need to access the network.
First, Systems With Intelligence does not collect or store any sensitive information, and any data transmitted by the devices is encrypted. In most scenarios, the thermal and visual data itself is also generally low-risk, as it cannot be used to disrupt the flow of power.
When it comes to the network, sensors should be segregated from other equipment that is critical to delivering power to customers. Access controls should also be used to limit access to only those who need it for their roles, further reducing the risk that a breach in one area spreads across the entire organization.
A Holistic Approach to Security
Cyber attacks are a growing threat, and utilities are rightly concerned about cyber security as they introduce new technology to the grid. Malicious actors are becoming more sophisticated, and the number of attacks against the utility industry is increasing each year.
But cyber attacks are not the only threat. As we’ve discussed before, physical security is also vital to protect remote and unguarded infrastructure from vandalism, copper theft, disgruntled employees, and other physical damage that impacts safety, performance, and reliability.
Thermal & visual sensors provide utilities with remote monitoring capabilities for both security and asset management. Our team will work to carefully understand your security requirements and explain how the right solution can best be implemented to reduce cyber security risk, improve asset health, and achieve a positive return on investment.