National power grids are increasingly the target of hackers and attacks. Several have been reported across the U.S. this year, as well as in Turkey and Switzerland. These attacks were just the beginning because they’re now drawing the world’s attention to the vulnerability of national power supply systems, and bringing into question the safety of these and other infrastructural services.
Cyberattacks are becoming the latest weapons of mass destruction, with widespread infrastructural failures as their goal. Such attacks have the potential to take down a country’s power grid, as some attacks have already proven. Where do companies begin, and what can be done to slow or prevent attacks like these from happening in the future?
Infrastructural Cyber Attacks
While many have discussed the susceptibility of critical infrastructures to cyber threats, few tangible defenses have yet been applied to these systems. In reviewing recent attacks, specifics of each breach are less important than the grid’s overall defenselessness and how wholly unprepared such infrastructure is against such cyberattacks.
Cyberattacks such as piracy tools are also becoming more common. In 2013, hackers gained control over the port computer system in Antwerp, using the records to locate and smuggle oil containers, then delete their tracks once the operation was complete. According to new research, global spending on smart-grid cybersecurity is expected to nearly double in the next decade, rising from $1.8B to nearly $3.2B by 2026. This is a good development, yet care must be taken to ensure the most effective measures are addressed first.
Meeting cybersecurity demands on infrastructure networks
The only constant here is change. Future-proofing is achieved through constant feedback and open dialogue. Companies must revise attitudes toward cybersecurity, focusing on it as a pressing need rather than an afterthought. Hackers tend to focus on attacking critical infrastructure industrial processes, rather than physical assets.
It is critical for infrastructural companies to actively recognize the real threat that cyber-attacks present, and to work in collaboration with security services toward developing the technology needed to keep them at bay.
Steps to take now to protect the grid from future attacks
There are a few critical steps that can be taken today, which will be instrumental in attempts to prevent future cyberattacks on critical infrastructures.
● Information sharing – Although this seems logical, the primary reason this has become an issue is organizations’ need to protect their image and brand. It’s time to break through these barriers, at least within departments responsible for cyber security. It will allow authorities to target the guilty parties faster, creating a deterrent and enabling more rapid response and resolution.
● Updating out-of-date systems – The process must be simplified and centralized, for critical infrastructures and utilities to transition legacy networks into packet systems, while keeping them guarded against attacks with the appropriate security measures, if these infrastructures aren’t able to ward off today’s more advanced threats.
● Future proofing – The utilities industry has relied on legacy infrastructure for too long. As many consider or begin to update, they need to create risk-assessment roadmaps. Thinking early and ahead, should something happen, will keep them prepared and ready when a breach occurs.
In an ideal world, companies everywhere will begin to inform the public when something goes wrong. Many around the world still seem unaware of these attacks, how industrial hackers interact with their targeted systems or that the global grids are even at risk of infiltration.
This not only leads to an uninformed populace, but it significantly slows the development of effective preventive measures. Breaches and attacks are only going to get more complicated and prevalent in the coming years. It’s important that utility companies aren’t afraid to recognize when they would benefit from assistance to quickly find what they’re looking for.
Sometimes, that means finding a vendor who can provide clear short-term and long-term roadmaps, and provide help and guidance during each step along the way. Such effective partnerships will be the difference between preventing a breach or an electrical grid going down.
