Guarding the Grid: Cyber Barriers to Grid Digitalization

The World Economic Forum lists cyberattack risk in the top 10 regarding likelihood and impact worldwide. Cyberattacks are becoming increasingly sophisticated, targeting automated smart devices as a gateway into larger computing networks. 

While grid digitization offers many benefits, the rapid growth of connected devices like electric vehicles in a digitalized grid could create more gateways for cyberattacks. To combat this, systems to protect against cyberattacks must progress at the same rate as digitalization developments. Cybersecurity is a significant technical barrier to overcome before a larger digitalized rollout can happen across the grid.

Cyberattacks are a growing risk for the digitalized power grid. Image used courtesy of Unsplash

Smart Grids and Cyberattacks

Grid digitalization aims to bring the physical and digital worlds together to improve operational efficiencies, optimize grid performance, manage the integration of renewable energy sources, and meet the ever-changing consumer demands.

Many moving parts must come together, and numerous technical barriers hamper efforts to create a decentralized system. As more systems, devices, and networks become intertwined and better connected, the chances increase that these digital networks become targets for cyberattacks—especially when new technologies are being leveraged in areas where legacy equipment has existed for decades. Often, no robust IT security protocols are in place.

Cyberattack threats on a connected grid. Image used courtesy of Public Utility Council of Pennsylvania

Why Cybersecurity Threatens the Power Grid

As infrastructure shifts toward automation, systems are moving online and becoming digitally connected. This presents cybersecurity risks, creating more potential openings for hackers to exploit, gaining access to the wider IT network. Cloud computing and open-protocol standards exacerbate this risk. A hacker or anyone who gains access to a decentralized data center can harvest and use this data.

Increasing the power grid’s connectivity and automation levels will naturally make the grid more vulnerable to cyberattacks. However, the main problem is the connectivity the energy industry shares with the wider society. The power grid is interconnected with many other critical infrastructures and services, so cyberattacks using the grid as a gateway could potentially threaten many aspects of society.

Bringing Together Multiple Players Against Cyber Threats

Cybersecurity barriers are multifaceted, and technical, human, and economic factors must work together to remove them. Cyberattacks are a particular concern for distribution system operators (DSOs), so keeping up with the system’s evolution and mitigating threats will be critical. This task will be particularly difficult because many DSOs do not share data, so trying to build a united front against different attacks without sharing data about each attack presents some challenges.

Few cyberattacks have disrupted power systems. To date, cyberattacks have been smaller than other disruptions in the energy sector, such as power outages from storms, equipment failure, or operational errors. The first cyberattack came in 2015 when Ukraine’s grid was targeted, and 30 substations were offline, leaving 225,000 people without power.

Cyberattacks in the energy industry, 2023. Image used courtesy of KonBriefing

Different frameworks within the industry have been developed. Still, many strategies have limited real-world impacts toward mitigating risk because they rely on voluntary initiatives from active organizations within the power sector. Combating grid cyberattacks will depend on policymakers, regulators, system operators, and organizations across the electricity value chain coming together to tackle challenges as one.

The Potential Impact of Cybersecurity Attacks

Power grids operate in real time, and electricity availability and grid reliability are two major priorities for operators. If cyberattacks happen, the industrial control systems must react within a fraction of a second, so robust and authenticated cybersecurity procedures are required to support the underlying industrial control system functions. 

Cyberattacks pose many risks if security systems don’t react quickly enough to a threat. The real-time nature of electricity means common cyber-prevention methods, such as installing patches and rebooting, are much more complex than other system networks. Unlike other industries, it’s not possible to temporarily take out grid operations because of the impacts shutting down would have on the electricity supply.

Electricity systems also have the potential to cascade if a cyberattack occurs. Since systems from individual parties are interconnected to the wider grid for sharing operational and planning information, any cyberattack could affect the targeted company or party and cascade across digital networks, causing outages in multiple IT systems. A single attack on something digitally connected to the grid could cause large-scale outages.

However, a grid outage doesn’t just affect the electricity companies but also other critical services relying on electricity, such as hospitals. Cyberattack outages could directly damage assets and infrastructure, causing a decline in revenue for electricity supply companies and many businesses and potentially resulting in billions of dollars in damage. The costs of dealing with cyberattacks— detection, investigation, containment, and recovery—further compound economic damages.

Most electrical infrastructure—such as power plants and transmission and distribution systems—are legacy equipment. These systems have operational lifetimes beyond 50 years, so modern-day electrical systems contain a mixture of old technology and new digitalized technologies. Legacy equipment was never connected digitally, but retrofitting approaches enable old equipment to come online. However, if robust security measures and cyber resilience protocols are not implemented alongside these digital connections, they will become an easy and vulnerable target for hackers. 

Cyber Resilience Will Be the Way Forward

Fully preventing cyberattacks on a digitally connected power grid is a lofty goal and, in all reality, impossible. However, systems can become more resilient to attacks over time by learning from attacks and implementing protocols to mount a more robust defense and designing systems to absorb the attack and recover quickly to preserve infrastructure operations. Adapting to new threats and finding ways to block the bulk of attacks are key to building cyber resilience.

Learning from past incidents can help prepare for future risks. Image used courtesy of Federal Emergency Management Agency

However, the dynamic and constantly evolving infrastructure presents a challenge in justifying the expenditure on staff, tools, and cyber insurance policies. While data is not always shared with parties, building cyber resilience will hinge on different departments and parties reporting any risk and not confining the details to a specific department.

The constant change in cyber threats means all organizations within the electricity ecosystems must continuously monitor and evaluate their vulnerabilities and take appropriate action if a threat is discovered. If attacks do happen, documenting them will help build better cyber resilience within the energy industry, as preventative and corrective measures can be put in place to prevent damage in any future attacks. 

Sharing information within the wider energy ecosystem is important for cyber resilience in a digitalized power grid, as information from learned experience can be shared between parties to prevent similar attacks at other entry points within the energy industry’s IT networks. Achieving a high level of cyber resilience will involve a multi-pronged approach from those working within the power grid, DSOs, policymakers, regulatory authorities, and other stakeholders coming together to tackle challenges head-on.

Part 2 in the series examines how renewable energy, decentralization, and smart technologies are digitally transforming the power grid, paving the way for distributed energy resource management and a smart grid with greater resilience and flexibility.