How could a rogue state, terrorist, or malcontent debilitate a major city or even an entire country? Unfortunately, it would be quite simple — they would strike the facilities that produce and distribute the electrical power that everything else depends on. How did we wind up with a system of energy production and distribution so vulnerable to attack? The answer lies in well-intentioned efforts to modernize energy distribution and make it safer, cleaner, more efficient, less costly, and open to more alternative forms of production.
The problem is that the very thing that makes the grid smart — the ability of a myriad of embedded systems to communicate with each other, often using a combination of legacy and proprietary equipment alongside more modern solutions — has created a duality where communications over serial, wired and wireless Ethernet, cellular, and dial-up modems are used with a combination of common TCP/IP and proprietary protocols. This has expanded the attack surface — making it vulnerable to cyberthreats —and open systems invite hacking.
Why is the energy grid at risk?
The good news is that energy companies and security technology providers are getting smarter about identifying, finding, and fixing vulnerabilities, and technology is increasingly effective at detecting and thwarting attacks. The challenge is that cybersecurity investments — and cybersecurity consciousness have not kept pace with either the sophistication of embedded technology nor the shrewdness and tenacity of attackers. And in spite of energy being perhaps the most regulated sector on the planet, “compliant” doesn’t always translate to “secure.”