Unifying communications to combat cyberthreats
Reviewing communication networks is key to protecting the nation's critical utility infrastructures, argues SmartUC's Mike Norfield.
7th February 2017 by Networks
What could be worse than cyber-criminals stealing millions of personal records in a large data breach? How about destructive cyberattacks against our vital utility infrastructure companies that run dams, power plants, and other critical networks around the globe?
Cyberattacks on such infrastructure are growing at an alarming rate. Hackers are now targeting these vital services, threatening international security and our very way of life.
With the frequency and intensity of the attacks growing, governments and security experts across the world are seeking assurances from utilities providers that networks are protected from outside threats. But with the growth of internet-enabled devices and the increasing use of telemetry data, safeguarding security can be a challenge.
Rising threat levels
In the last 18 months, we’ve seen a number of examples of attacks on critical infrastructure. In December 2015, a presumed Russian cyber-attacker successfully seized control of the Prykarpattyaoblenergo Control Center (PCC) in Western Ukraine, leaving 230,000 without power for up to six hours. This marked the first time that a cyber weapon was successfully used against a nation’s power grid.
The PCC operated a common form of industrial control system known as a supervisory control and data acquisition (SCADA), which allows for remote controlling and monitoring of industrial processes — in this case the distribution of electricity. The attackers overwrote firmware on critical devices at 16 substations, leaving them unresponsive to any remote commands, effectively leaving plant operators blind.
The attackers also used telephone systems to generate thousands of calls to the energy company’s call centre to deny access to customers reporting outages. However, the strongest capability of the attackers was not in their choice of tools or in their expertise, but in their capability to perform long-term reconnaissance operations required to learn the environment and execute a highly synchronized, multistage, multisite attack.
The technical approaches used by the attackers included:
- Spear phishing to gain access to the business networks of the Oblenergos
- Identification of BlackEnergy 3 at each of the impacted Oblenergos
- Theft of credentials from the business networks
- The use of virtual private networks (VPNs) to enter the ICS
- The use of existing remote access tools within the environment or issuing commands directly from a remote station similar to an operator HMI
- Serial-to-ethernet communications devices impacted at firmware level15
- The use of a modified KillDisk to erase the master boot record of impacted organization systems as wellas the targeted deletion of some logs
- Utilizing UPS systems to impact connected load with a scheduled service outage
- Telephone denial-of-service attack on the call centre
In April 2016, production at a German nuclear plant was almost halted after computer viruses infected PCs being used at the site. RWE, the company managing the Gundremmingen plant, 120 km (75 miles) northwest of Munich, said, thankfully no critical system in the nuclear reactors was affected. Clearly, concerns about attacks on critical infrastructure are well founded. But what can be done to protect these networks?
Security in the IoT Era
The widespread move towards the Internet of Things (IoT) is gaining strong support from companies operating in the utilities industry. The electricity and energy sectors, in particular, are investing billions into IoT technology—estimated to be $201 billion by 2018. In fact, the global number of devices being managed by utility companies is projected to grow from 485 million in 2013 to 1.53 billion in 2020.
These devices can range from meters, grid sensors and actuators to energy boxes and electrical appliances. They are used for applications such as grid monitoring and control, metering, asset management and tracking, and field force communication.
For utilities, the smart grid era ushered in by IoT technologies means more data to be analysed and managed, but also better efficiency and integration. As in other industries, IoT platforms process huge volumes of data, which can become vulnerable to hacking if not secured. Ensuring energy and utility companies, as well as their connected technology and applications, are secure must be a priority.
A recent report found that utilities will, in fact, be the one of the main sectors driving growth of the IoT security market between 2016 and 2020. The study by MarketResearchReports found that IoT security will have an annual growth rate of 55.01% over the period.
Unifying communications to combat threats
The benefits of using a private communication network are particularly important when it comes to delivering enhanced security. When compared to public alternatives, such as cellular networks for example, private networks typically offer higher levels of encryption and user authentication, as well as greater resilience and access control for devices and users.
Furthermore, a private network enables organisations to monitor and control field operations across widely dispersed areas, without reliance on less secure technologies. Many utility companies find they are operating a range of aging communication networks in order to fulfil operating requirements, many of which may have substantial security flaws. Reviewing all communication requirements and taking a more unified approach not only delivers the insight needed to ensure consistent supply and improved asset performance but from a security perspective, it also lets operators know exactly what’s going on with the network. Therefore, in the case of a security breach action can be taken immediately to combat the threat.
Security should be a number one priority for utility providers because a breach can inflict huge costs and harm corporate reputations. A breach can also disrupt services necessary to the safety and wellbeing of consumers. Boosting mission critical security can be achieved by bringing together new technologies on a unified network that also allows utilities companies to benefit from smart grid management and control functionality while minimising the risk of vulnerabilities.
Login on register to comment
The future for vegetation management
Why networks should focus on data not trees to overcome the costly challenges involved in vegetation management
An unprecedented opportunity for change
Why short interruptions will matter in RIIO-ED2 and how to address them.
Time for less talk and more action on decarbonisation
Core "oven-ready" solutions to decarbonising heat and transport exist today and should be implemented without delay, says WPD's future power networks expert.
Related supplier content
People & Skills
‘Learning by doing’ on the road to net zero [test product]
DSO director Andrew Roper discusses 'Learning by doing'
Load patterns and lockdown: how Covid-19 is impacting electricity networks
Insights into dynamics on the low voltage network as the outbreak unfolds
Protect electrical equipment from insulation failure
Insulation faults are a major cause leading to the eventual failure of electrical equipment. Partial discharge (PD) is a very reliable indicator of developing insulation faults. Regular PD testing allows users to detect and analyze PD activity