Grave cyberthreats to the utility infrastructure

23rd August 2018
Posted By : Enaie Azambuja
Grave cyberthreats to the utility infrastructure

The modernisation of utility infrastructures is enabling increased efficiencies and reliability through digitisation, connectivity, and IT-based approaches. Smart cyber assets are transforming both power and water grids, allowing operators to deploy and leverage a new generation of functionality and customer services.

However, smart utilities are also highly vulnerable to cyberthreats, and security is, therefore, a primary concern, stated ABI Research, a market-foresight advisory firm providing strategic guidance on the most compelling transformative technologies.

Unfortunately, digital security remains largely unimplemented during utility modernisation due to cost, resource, and time constraints. This is exasperated by issues with adapting cybersecurity to OT environments and an overall lack of knowledge and expertise in bridging these divides.

Further, public sector efforts have petered out since 2012-2013, when both the United States and European Union were actively driving national cybersecurity strategies.

The current U.S. administration seems to have dropped cybersecurity from its list of priorities, and the European Commission is struggling to get its NIS Directive off the ground and obtain adequate funding for ENISA to fulfill its mandate. Most of the EU member countries have not taken the NIS directive to cyber-secure critical infrastructure seriously.

“It seems that the United States and the European Union have forgotten that cybersecurity needs to be a continuous effort, not a one-time announcement to tick all the boxes,” said Michela Menting, Research Director of Digital Security at ABI Research."

"The lack of sustained public support sends a deflated message to operators in the field about the importance of cybersecurity. “Worryingly, both power and water utilities have reported advanced persistent threats which exploit flaws in industrial control systems.

More critically, run-of-the-mill cyberthreats such as ransomware and DDoS attacks are increasingly affecting operator’s cyber-assets, both on the back and front-end. Cybersecurity must be a concerted effort by all stakeholders, including the public. With only partial support, the risks intensify,” warned Menting.

While power and water grid stakeholders will spend over US$8bn globally on cyber-securing utility infrastructures in 2018, only a small portion of that will be dedicated to operational technologies and smart systems.

Grid modernisation efforts are an ideal time to start designing and integrating digital security and provide an opportunity for adapting existing mechanisms and processes to the OT space - from industrial control systems to smart meters.

“Operators and other stakeholders should remain firm in their commitment to cybersecurity, despite the backseat public support. Fortunately, from a private sector perspective, a growing vendor ecosystem - including companies such as CY-OT, ForeScout, Nokia Networks, Nozomi Networks, OSIsoft, Radiflow, Sierra Nevada Corporation, SkyBox Security, and Smart Energy Networks - is emerging to hopefully address these issues,” Menting concluded.

You must be logged in to comment

Write a comment

No comments

Sign up to view our publications

Sign up

Sign up to view our downloads

Sign up

Vietnam International Defense & Security Exhibition 2020
4th March 2020
Vietnam National Convention Center, Hanoi