In the process of digitization of electricity grids towards smart grids, the increase in communications between the devices that compose it extends the challenges faced by electricity grid operators to the field of cybersecurity
Within the urban transformation processes, working with the city’s electricity and energy supply is one of the key points for the success of a Smart City. In fact, in many cities, solutions have been implemented for years to transform the grid into a smart grid, which is an energy supply system that uses communication and information technology to improve the efficiency, safety and resilience of the electrical system.
In general, the main components of a smart grid include the same elements as a “conventional” grid, adding communications and technology elements to improve its efficiency and optimize resources, so that:
- On the power generation side: A smart grid can more efficiently use different energy sources, such as solar, wind, hydro or thermal to generate electricity, whereas a normal power grid usually relies mainly on fossil energy sources such as oil, gas or coal.
- In the transmission and distribution process: Electric power is transmitted through high-voltage transmission lines to consumption areas, and distributed to end consumers through low-voltage distribution lines, reaching homes and businesses. The monitoring of these through the Smart Grid is made more precise.
- In monitoring and control: smart grid monitoring and control systems enable real-time monitoring of energy supply and consumption, allowing energy generation and distribution to be adjusted more efficiently. In a normal power grid, these systems are less advanced and do not allow the same degree of control and adjustment.
- In communications systems: Smart Grid communication technology is an essential part of interconnecting and controlling the different components of a smart grid. These often rely on wireless communication to transmit data and control the power supply, which already brings us into the issue of cybersecurity risks, as wireless communications can be vulnerable to interception and blocking of signals.
- In the energy storage: The energy storage systems of a Smart Grid, such as batteries, are used to store the energy generated by renewable sources and use it when needed, something that is not possible in a conventional power grid.
- In information and management systems: Smart grid information and management systems are needed to process and analyze the information collected by sensors and grid monitoring elements, allowing operators to make decisions based on this information in real time. Many smart grids use permanently connected devices, such as sensors and smart meters, to collect real-time data and monitor the supply that is currently on the grid. At the cybersecurity level, this is another area to pay attention to, as these devices can be vulnerable to cyber attacks if they are not adequately protected or if they are used/installed/configured inappropriately.
- At the inter-grid interconnection level: A smart grid is more interconnected and can communicate and transfer power between different components and systems more efficiently. In general, conventional power grids are less capable of interconnecting with other grids and their interoperability is less advanced.
If something is connected to the Internet, there is always a danger of cyber attacks
Although the evolution of electricity supply systems towards their “smart” counterpart has many benefits, its implementation has also made us aware of the cybersecurity dangers that are important to keep in mind when operators, distributors and consumers of energy are so dependent on it.
Because smart grids are connected to the Internet and use wireless communication technology, they are vulnerable to attacks by hackers who can infiltrate the system and cause damage, for example by using malware to infiltrate the system and take control of critical equipment such as transformers and electrical substations, which could lead to power outages and damage to infrastructure.
It is an ongoing process that still requires work on the part of all those responsible and the companies that operate them to close the vulnerable points that Smart Grids present. Two years ago, for example, researchers from Tarlogic, a Galician cybersecurity firm, presented the results of an investigation in which they had detected serious vulnerabilities in the smart meters used by electricity companies to control and record their customers’ consumption.
The main problem was the total absence of encryption in some cases and the ease of access to basic passwords that would allow a potential attacker to take control of a network of meters and give extremely dangerous orders for customers with low-power electricity meters (up to 15 kW): cut off the electricity, modify the power, alter consumption, modify the contract, etc.
Since the meters also communicate with the distributor through a device called a data concentrator, which is located in the transformation centers, alleged attackers infiltrated the network and gained access to a potential number of critical equipment and systems for the operation of the entire Smart Grid, since both elements, meters and concentrators, are part of these smart grids.
In this case, Tarlogic was able to demonstrate that these data concentrators can also be controlled by a hacking technique that starts at the very socket of a home. From the toaster socket, it is therefore possible to “direct and manipulate an indiscriminate number of smart meters,” according to the report.
DoS against large infrastructures
The possibility of denial-of-service (DoS) attacks is another risk inherent in smart grids. A DoS attack occurs when a server or network is flooded with bogus traffic, causing it to become overloaded and stop working. If this type of attack is carried out against a smart grid, the most likely effect is the interruption of power supply to the entire area that is controlled by the systems that have been compromised.
And it’s not something that hasn’t already happened. Last May 2021 we learned that the DarkSide network had conducted a ramsonware attack that crippled all operations of the most important oil pipeline in the U.S., which carries 45% of the East Coast’s fuel supplies and compromised the operations of the seven most important airports in the country.
It is a reality that ransomware is increasingly moving towards critical infrastructures, Smart Grids among them, and there is even talk of “killware” as a specific type of malware for this. Although for the time being this is not aimed at threatening people’s lives, there are exploits that have the ability to interact with the physical world and paralyze, as we have seen in the US, oil pipelines, or alter and interrupt the electricity supply to large populations and national strategic targets.
Gathering sensitive information
A third section of Smart Grids cybersecurity is related to access to the information present in them. In addition to the damage to the infrastructures themselves, and given that all the data on the supply and use of the Smart Grid is stored in the management computer servers themselves, cyber espionage is another headache for those responsible for grid security. The most likely scenario is one in which an attacker infiltrates the power grid and collects confidential information, energy consumption data and usage patterns of individuals and companies, in order to use them for malicious purposes. Basically this jeopardizes the privacy of users and exposes electricity companies to security and financial risks.
In March 2021, the company I-DE Redes Eléctricas Inteligentes, an electricity distributor of the Iberdrola group, explained to its customers, through a statement, that it had suffered a cyberattack and that the user data exposed as a result of this incident included important information such as name and surname, ID card number, address, telephone number and email address of users and subscribers.
Some basic security measures for Smart Grids
Knowing the risks is as important as knowing how to prevent them. Therefore, to protect against these cybersecurity dangers, it is important for utilities to implement appropriate security measures that cover a wide range of solutions:
- Firewalls and network protection: these are systems that help block unwanted traffic and protect smart grid systems from potential attacks.
- Threat monitoring and detection: By constantly monitoring the power grid, potential attacks are more easily detected and appropriate security measures are taken more quickly.
- Incident response plans: Having incident response plans in place in the event of a DoS attack or any other threat to smart grid security greatly increases the likelihood of minimizing the effects of cyberattacks. These plans should include measures to restore the normal operation of the grid in any possible scenario in which the grid has been disrupted.
- Employee training and awareness:The human factor is the most important, hence employees working in grid management need to be familiar with security practices and know how to detect and prevent possible attacks.
- And, not least, regular testing to ensure that the network is protected against potential vulnerabilities is a prevention and protection mechanism that needs to be active at all times.
In the end, new technologies for energy efficiency and digitization in distribution networks help the deployment of smart grids, and communications and data exchange between network elements facilitate optimal use of resources, demand management and network quality. Its development and implementation obviously brings many advantages for the development of communities and cities, as well as implies making us aware of the vulnerabilities that its implementation can bring us. The field of cybersecurity in these environments has been putting into practice and developing effective protocols for dealing with cyberattacks for years, which, in general, can be mitigated and counteracted fairly quickly to avoid the damage to the population that they can cause.