Cybersecurity vulnerabilities result from system integrity

by Mobile Radio Technology

subscribe

Cybersecurity is a major threat to utilities' operations, said John Shaw, a senior vice president with Industrial Defender, at the Utilities Telecom Council's annual conference.

As a result, it is essential to protect the nation's electrical grid as rogue forces could use it as a weapon of mass destruction. However, Shaw doesn't believe that most security threats against the electrical grid stems from outside the nation. Instead, security breaches happen at a more practical level.

"It's about basic system integrity, malware coming in over the internet and getting on to a PC that's connected to a [utility's] control system," he said. "There's also just basic mistakes and human error."

In fact, Shaw said cybersecurity strategies should focus on deploying best practices and putting in efficient change control procedures to improve reliability, including adhering to the mandated NERC Standards CIP-002 through CIP-009 that provides a cybersecurity framework for the identification and protection of critical cyber assets.

"That's what security is about," he said. "Every time someone opens a connection they need to close it. It's also about keeping software and operating systems up to date. So we get into issues of data integrity when talking about cybersecurity."

In addition, wireless does not, in itself, make utilities more vulnerable to issues of cybersecurity, Shaw said. Although wireless does create some extent of openness, intrusion detection software protects networks. He said such defense-of-depth strategies are crucial and the use of layered security defenses in an application can reduce the chance of a successful attack. In addition, incorporating redundant security mechanisms requires an attacker to circumvent each mechanism to gain access to a digital asset. For example, a software system with authentication checks may prevent an attacker that has subverted a firewall.

Shaw said defending an application with multiple layers can prevent a single point of failure that compromises the security of the application.

"I don't think wireless by itself or decreases the threat but it does show the critical importance of having multiple layers of security," Shaw said. "In fact, just because [cyber attackers] can get through the physical access layer of wireless, and maybe get through that first encryption layer to a connection point, that should not give them very much power by itself."

Related News

social media blogger

More people are climbing dangerous hydro dams and towers in search of 'social media glory,' utility says

VANCOUVER - More and more daredevils are climbing onto dangerous dams and power stations to gain likes and social media followers, according to a new report from BC Hydro.

The power provider says it's seen a 200 per cent uptick in trespassing into restricted areas over the past five years, with many of the incidents posted onto sites like YouTube, Facebook and Instagram.

"It's concerning for us because our infrastructure has risk with it," said David Conway, a community relations manager for BC Hydro.

"There's a risk of electrocution in regards to our transmission towers and our substations ... and people can be…

READ MORE
frisco solar power

Flowing with current, Frisco, Colorado wants 100% clean electricity

READ MORE

hydrogen electricity

Is Hydrogen The Future For Power Companies?

READ MORE

edmonton electricity meter

Electricity prices spike in Alberta

READ MORE

working at home during locakdown

Electricity demand set to reduce if UK workforce self-isolates

READ MORE