The U.S. electric grid continues to face a bevy of foreign and domestic cyberattack threats. Therefore, it makes more sense than ever before for utilities and transmission operators to aggressively fortify their cyber defenses. In fact, failure to do so is a classic case of being penny wise and pound foolish.
The evidence includes the following:
- On November 16, following two days of cybersecurity scenario testing by more than 250 organizations, Manny Cancel, Senior Vice President of the North American Electric Reliability Corporation (NERC) said, “The threat landscape in which we are operating is unprecedented – we are facing challenges that are increasingly difficult to detect and protect against.”
- NERC added that evolving cyber threats to the grid are “guided by geopolitical events, new vulnerabilities, changes in technologies, and increasingly bold cyber criminals and hackers.”
- China, Russia, and other countries continue to impose cybersecurity threats to the U.S. electric grid, as discussed in the Office of the Director of National Intelligence’s Annual Threat Assessment.
- Cybersecurity insurance premiums continue to rise sharply, making preventative actions more compelling from a cost-benefit standpoint.
- The shift to renewable energy and distributed resources opens additional vulnerabilities for electric utilities. As Bruce Walker, President and Chief Executive Officer of the Alliance for Critical Infrastructure Security said in July 18 Congressional testimony, “Importantly, the risk associated with cyber is exacerbated by the rapid transformational changes happening in the electric sector. The transition away from a centralized generation and command and control model to a decentralized model, has increased the surface area for cyber penetration.
The grid’s Operational Technology (OT) vulnerabilities are particularly notable. OT refers to the remote monitoring and control of components in the electric system. This encompasses supervisory control and data acquisition (SCADA) and industrial control systems (ICS) networks.
An October 2022 U.S. Department of Energy study found, “Another industry trend is increased attacker experimentation and exploitation targeting OT systems.”
The U.S. Government Accountability Office has issued a similar warning: “Grid distribution systems – which carry electricity from transmission systems to consumers – have grown more vulnerable, in part because their operational technology increasingly allows remote access and connections to business networks.”
One way to simplify critical infrastructure protection and keep OT secure is to place a device that only allows pre-defined, legitimate signals to be sent to the OT on a network. This reduces the costs of more holistic network changes. It also prevents non-specific commands from passing through a protected device.
One such system, Binary Armor, places an in-line barrier to cyber intrusion, while monitoring all communications to a piece of OT. The device is small, approximately five by three inches, and weighs less than a pound. It can be deployed throughout the distribution grid, including on main substation data lines and within substations.
Legitimate commands can pass through. Those that would cause the device to behave in dangerous, destructive ways are thwarted.
Binary Amor cannot be modified or reconfigured without physical access to the system, thereby providing robust security for remote facilities and critical infrastructure. The system allows the system operator to define the rules for SCADA/ICS traffic and to inspect every byte of information.
The scope of threats that the U.S. electric grid will continue to face are likely to rise in complexity and severity. Rather than waiting for dictates from regulators, utilities and transmission grid operators should identify important areas for cybersecurity protection, especially where there are efficient, cost-effective solutions. In this environment, OT protection is especially important and likely to be even more so soon.