Are Smart Grids Vulnerable to CyberAttacks?

Smart grids and the Internet of Things offer unprecedented levels of connectivity and efficiency, but they can leave national energy grids vulnerable to hacking. ENCS managing director Anjos Nijk tells us about proactive grid-scale cybersecurity. 

SMART GRIDS ARE AN INCREASINGLY POPULAR METHOD OF PROVIDING RELIABLE, FLEXIBLE ENERGY ON A NATIONAL SCALE, BUT THEIR CONNECTED NATURE ALSO MAKES THEM MORE VULNERABLE TO CYBER THREATS. WITH WHOLE ENERGY SYSTEMS DEPENDENT ON THE SECURITY OF OPERATORS AS WELL AS THE MILLIONS OF ELECTRONIC METERS AND SMART DEVICES LINKED TO CRITICAL FACILITIES, A CYBERATTACK COULD HAVE DEVASTATING CONSEQUENCES FOR THE GRID.


But just how real is the threat of power infrastructure infiltration?


Two companies shifting their focus to the growing need for cybersecurity are the European Network for Cyber Security (ENCS) and the European Distribution System Operators' (EDSO) Association for Smart Grids. Recently, the firms added an addendum to their exisiting memorandum of understanding to expand and intensify their focus on energy security requirements, training, regulatory recommendations and validation and testing of cybersecurity solutions.


Here, ENCS managing director Anjos Nijk discusses the dangers cyberattacks pose to smart grids and the work being done to bolster power facilities against hacking threats.

Anjos Nijk, ENCS managing director

Electricity grids are complex systems, highly interconnected and with legacy equipment dating back decades before the development of telecoms technology and the internet. Most of the systems were built without any security requirements taken into account.


With the current speed of digitisation of the grid systems, which is needed to facilitate the energy transition, and the speed at which new systems and technologies such as smart metering, electrical vehicle charging and Internet of Things-enabled devices are connected to the grid, infrastructure becomes vulnerable and the ‘attack surface’ expands rapidly.


A particular aspect of the energy grid is the risk of cascading. This means that if a large system is damaged, other systems will be infected as well. This then may lead to a big-scale blackout that can spread through the entire connected grid system – even beyond country borders. Other critical infrastructure such as transport and healthcare can also be affected, as they all rely on energy supply.


This means keeping control of the entire network by implementing secure architectures and system hardening is a must. It is crucial to ensure only new systems that comply with minimum security requirements posed by the grid operators are added to the grid.

/  energy grids can be brought down by hackers  /

Another main issue is the need for, and current lack of, the knowledge and skill sets that grid operators require, not only to integrate the new technologies in the grid, but also to operate the new environments while managing multiple technologies and increasing data volumes.


To do all of this in a secure way, a thorough understanding of security concepts and their application in this fast-changing environment is needed. There is currently a lack of qualified staff in this domain and these skills and knowledge are extremely hard to develop.


Since the Ukraine blackouts, we know that energy grids can be brought down by hackers. So, as a grid operator you have to be prepared. Intrusion detection systems, role-based training for various roles in the organisation, red team/blue team training and exercises are all needed.


The last few years have shown that malicious players have developed rapidly and the volume and sophistication of attacks has increased. It’s a huge challenge for grid operators to keep up with the pace of evolution witnessed in cyberattacks.

/  If an energy grid is hacked, lives could be lost  /

Ten years ago the energy grid was still a fully standalone system. Now, it gets more connected by the day. Non-secure systems are added and existing non-secure systems get more exposure in an increasingly complex architecture of the overall grid system.


Criminal actors have identified opportunities to create business models with malware such as ransomware; nation state actors explore capabilities in hybrid warfare. We have seen convincing real-life examples of this and the risks cannot be ignored. If a bank is hacked, you lose money; if the energy grid is hacked, you may lose lives.


There is only one way to face the challenges ahead, and that is through collaboration. Building and maintaining the necessary expertise becomes possible if the best experts create solutions for the benefit of the entire grid industry, which requires sensitive information to be shared.


With the updated ENCS-EDSO partnership we do exactly that, through intensified collaboration on security requirements for various grid domains, testing, providing expert support to network code and standardisation groups, security training programmes and security community building.

Transmission