Page 24 - Cyber Defense eMagazine August 2024

Network Intrusion: The network communication systems of power and smart grids can be intruded upon through weak security configurations such as default passwords, unsecured remote access, or unpatched systems, and through other vulnerabilities, allowing attackers to gain control of the system.

Distributed Denial of Service (DDoS): This is an attempt to disrupt the availability of services provided by smart grids by overwhelming the system with traffic from multiple sources. DDoS attacks are usually launched from malware-infected hosts and can be volume-based attacks like UDP and ICMP floods, protocol attacks like SYN flood and Smurf DDoS, or application-layer attacks like GET/POST floods.

Advanced Persistent Threats (APT): This is a prolonged and targeted cyber-attack whereby state actors or highly skilled cyber criminals gain access to a network and remain undetected for an extended period.



Vulnerabilities in Power and Smart Grids

The attack surface of smart grids has expanded significantly because of their complex network of devices, which includes sensors, smart meters, smart switches, communication networks and control systems, with each of these components being a target for cyber-attacks. Increased connectivity and data exchange between the control center and other components of smart grids make them more vulnerable to attack. Therefore, to maintain the resilience and security of smart grids, understanding and addressing the vulnerabilities inherent in smart grid systems is critical.

These vulnerabilities include the following:

Legacy Systems: The continued use of legacy systems, which are outdated technologies retained due to certain constraints within an organization, poses significant risk to the security of such systems. This is because such systems may no longer receive patches and updates and may also have limited monitoring capability.

Interconnected Networks: The vast interconnection of devices and the increased connectivity of the communication systems of smart grids, if not properly secured, make them highly vulnerable to attack.

Remote Access: The management and monitoring of grid systems are usually done through remote access. Vulnerabilities in remote access connections may be exploited by attackers to gain access to the system.

Supply Chain Risk: Smart grids rely heavily on a complex supply chain of hardware and software components, which are largely contracted out to manufacturers and suppliers. The security practices of such third-party vendors, if not robust, may pose significant risk when their components are integrated into power and smart grids. Attackers can also target the software development lifecycle by compromising legitimate software and software updates, which in turn makes the systems in which they are deployed vulnerable to attack. An example of such a supply chain vulnerability is the SolarWinds attack (2020), in which malware was injected into a routine software update.

Human Factor: The human factor is one of the most common vulnerabilities in a cybersecurity framework. Error, negligence or malicious intent by staff has led to system compromise despite solid technological defenses. Such compromise results from inadequate training and awareness, poor password practices and insider threats.





