The electric grid is considered to be among the most critical infrastructure in the world. However, each year, energy and electric utilities are exposed to more sophisticated and more frequent cyber attacks, and constant probing by hostile nation states has been reported.
Disruption to the grid can have far-reaching consequences, and cyber security is of paramount importance. Critical Operational Technology, or OT, assets have traditionally been protected from cyber attacks by maintaining an effective air gap in the communications network. Most controls over the actual grid were manually applied, not automated. And disaster planning focused on storms and catastrophic physical events rather than cyber events.
All of this is changing. Control system architectures are being connected to traditional enterprise IT networks (Ethernet, Wi-Fi, etc.), and device manufacturers are building OT devices and industrial control systems on top of common operating systems such as Windows, Linux, Android and VxWorks. The automated capability of these systems is increasing exponentially. Today’s utility network world includes smart metering Head-End Systems hosted in the cloud, billing platforms connected to metering infrastructures, smart meters supporting DNP3 protocols that now act as a sensor on the distribution network. All of these changes increase the risk that control systems can be compromised by sophisticated threat actors using cyber attack techniques borrowed from the world of IT. In short—what threatens IT now threatens OT.