Page 25 - Cyber Defense eMagazine August 2024
Real World Examples of Cyber-Attacks on Power and Smart Grids
Due to the digital evolution of electrical power systems, power and smart grids are increasingly becoming
ground zero for cyberwarfare. Over the past two decades, several attacks have been launched against
smart grids, resulting in outages and in financial loss from the payment of huge ransoms. One example
is the attack on the Ukraine power grid in 2015, in which BlackEnergy malware was used to compromise
three Ukrainian distribution systems through spear-phishing email. The attacker gained access to the
Supervisory Control and Data Acquisition (SCADA) systems, remotely compromised the circuit breaker,
and disabled the UPS and backup. Also, in 2016, a Ukrainian transmission station was targeted by
custom-built malware named Industroyer, which compromised the Industrial Control System and disrupted
power distribution for about an hour. In the United States, Florida Municipal Power agencies were also
targeted in June 2021 using phishing and remote vulnerabilities as attack vectors. While the attackers
gained some level of access, the attack was mitigated before it could cause catastrophic effects. These
cases underscore the importance of security strategies and best practices in power and smart grid
management.
Security Strategies and Best Practices for Managing Power and Smart Grids
Cyberattacks on power grids and smart grids have become more frequent and sophisticated in recent
years and can have devastating consequences, including blackouts, economic losses, disruptions to
vital infrastructure, and theft of sensitive data. Therefore, sound security strategies and best
practices need to be put in place to safeguard this critical infrastructure from attack. Some security
strategies and best practices for power and smart grids are discussed below.
Risk assessment and management: Risk assessment and management play a vital role in the security
of power and smart grids, as they help to detect and mitigate vulnerabilities and support incident
response. Implementing risk assessment and management using the NIST Interagency Report (IR) 7628
Revision 1, which provides a comprehensive framework for securing smart grid systems, will go a long
way in securing this critical infrastructure.
Defense-in-Depth: Implementing a layered security approach using various security controls and
protocols (firewalls, encryption, IDS, IPS, SIEM, access controls) will enhance the security posture
of smart grid systems.
Vulnerability Assessment and Penetration Testing: Detecting inherent weaknesses in smart grid systems
before an attacker does, through comprehensive vulnerability assessment and simulation of real
attacks to discover vulnerabilities that are hidden and remain undiscovered by automated scanning,
allows those security lapses to be closed before they are exploited by attackers.
Patch Management: Apart from ensuring system reliability, effective patch management also reduces
the attack surface. It is more cost-effective to proactively address vulnerabilities in the smart grid
through effective patch management than to reactively mitigate the resultant effects of security breaches.
Network Segmentation: Segmenting the communications network of a smart grid system inhibits lateral
movement, preventing an attacker from gaining access to the entire system in case of a breach and
thereby minimizing the impact of the attack. It also helps remediation, as the focus can be only on
the compromised segment.
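The containment effect described under Network Segmentation can be checked against a rule set. The following is an added example, not part of the original article: the zone names and allowed conduits are constructed assumptions, and it compares how far an intruder in one zone can move on a flat network versus a segmented one.

```python
from collections import deque

# Constructed zone names for illustration only (not from the article).
ZONES = ["corporate_it", "dmz", "engineering", "scada_control", "substation"]

# Flat network: every zone may initiate connections to every other zone.
FLAT_RULES = [(a, b) for a in ZONES for b in ZONES if a != b]

# Segmented network: only the listed conduits (source -> destination) are allowed.
SEGMENTED_RULES = [
    ("corporate_it", "dmz"),           # business users read historian replicas
    ("scada_control", "dmz"),          # control centre pushes data outward
    ("engineering", "scada_control"),  # engineering workstations manage SCADA
    ("scada_control", "substation"),   # SCADA polls and commands field devices
]

def path_to(rules, start, targets):
    """Breadth-first search: shortest conduit path from start to any target, or None."""
    adj = {}
    for src, dst in rules:
        adj.setdefault(src, []).append(dst)
    parent = {start: None}
    queue = deque([start])
    while queue:
        zone = queue.popleft()
        if zone in targets and zone != start:
            path = []
            while zone is not None:
                path.append(zone)
                zone = parent[zone]
            return path[::-1]
        for nxt in adj.get(zone, []):
            if nxt not in parent:
                parent[nxt] = zone
                queue.append(nxt)
    return None

def blast_radius(rules, compromised):
    """Zones reachable from `compromised` by chaining allowed conduits."""
    return {z for z in ZONES if z != compromised and path_to(rules, compromised, {z})}

if __name__ == "__main__":
    for name, rules in (("flat", FLAT_RULES), ("segmented", SEGMENTED_RULES)):
        print(name, sorted(blast_radius(rules, "corporate_it")),
              path_to(rules, "corporate_it", {"scada_control", "substation"}))
```

Running the same audit from `engineering` shows which zones carry the widest reach under the segmented policy and therefore need the tightest access controls.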
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.