Attacks on Mission-Critical Power Infrastructure: Why Cybersecurity Is Necessary

When mission-critical power infrastructure goes down, there’s always an impact: disruption to business, communications, transportation and even vital medical care.

As long as countries have had energy grids and power infrastructure, they’ve been vulnerable to incidents that cause downtime. Decades ago, these events may have involved a tripped transmission line, an incorrect setting on a protective relay, an act of vandalism or nasty weather.

Today, utilities continue to grapple with these threats while juggling new pressures, including cyberattacks. These malicious and deliberate attempts at disrupting or destroying data and/or information systems may be spearheaded by other countries, hacktivists, lone hackers or even organized criminals.

According to research conducted at the end of last year, 2022 set an all-time high for the number of cyberattacks on utilities that took place in a single year. 

When it comes to the threat actors that utilities will face tomorrow … who knows? But, no matter the cause, losing power will always be bad news.

As utilities continue their digital journeys, connecting systems to networks to make equipment and data more accessible, their attack surfaces swell while cyberattacks grow. The opportunity for remote assaults also increases. Bad actors from halfway across the world can use remote connectivity with high levels of intelligence and craftiness to bring down mission-critical power infrastructure.

While the industry continues to advance, and cyberattacks become more frequent, securing power infrastructure ecosystems and boosting cyber resilience are the only ways to prevent widespread and potentially disastrous outcomes.

A tale: How I realized the value of cybersecurity for utilities

In a previous role several years ago, I remember visiting one power facility in particular. Before I could set foot onsite, I went through an extensive background check. Upon arrival, I walked through a gate secured by armed guards. Before touring the facility, I went through training. As I explored the facility, the staff pointed out a light near the doors: When illuminated, it indicates the possible presence of a physical breach to the facility—my guide used an active shooter as his example. It was clear to me that the plant placed lots of value on its critical infrastructure and was taking steps to protect it. Everyone seemed to have a heightened level of awareness regarding potential threats.

That evening, when I returned to my hotel room, curiosity got the best of me. After doing some simple research, I discovered that some critical infrastructure equipment was openly exposed, using insecure protocols and lacking authentication or security measures to protect them. It was eye-opening—and a good reminder that security at every level is critical to mitigate the potential for negative outcomes.

Rewind to the early 2000s and cybersecurity in the form of Critical Infrastructure Protection (CIP) standards developed by the North American Electric Reliability Corporation (NERC) began to form, bringing cybersecurity up as well as physical security.

The lesson? Don’t forget about the basics. With innovations like artificial intelligence, robotics and virtual reality on the horizon, now is the time to make sure you have the right foundation in place. Otherwise, your advanced technology and processes will fail. Here are some pointers.

1. Use NERC CIP as your compass

The Critical Infrastructure Protection (CIP) standards ensure that electric utilities have the right physical and cybersecurity measures in place to protect their critical infrastructure from threats.

While these are compulsory with some real consequences for non-compliance, understand the intent behind the requirements, give thought to what protection is intended and work hard to deliver that protection. They have helped the industry make dramatic improvements to protect critical infrastructure by providing prescriptive guidance in categories like:

• Control center communications
• Incident response
• Network security
• Personnel and training
• Physical security of cyber assets
• Recovery plans
• System security controls
• Vulnerability management

These standards provide the framework to secure your critical infrastructure.

2. Build and rely on your professional network

While you don’t have to give away trade secrets, having a trusted network of like-minded peers in the power transmission and distribution industry can be valuable to your cybersecurity practices.

It provides a chance to talk about what’s working and what isn’t, share the threats you see in the new digital landscape, explore what other utilities are trying and learn and discuss best practices.

If you don’t have a group of colleagues that you currently network with, consider establishing one to support:

• Information sharing and collaboration on identifying and mitigating cyber threats
• Sharing access to resources, tools, training and expertise that can help advance the industry
• Acquiring advice on tough challenges or new situations

3. Explore and prepare your power infrastructure

Good power infrastructure is the foundation for everything: reliability, operational efficiency, customer satisfaction, safety and even sustainability.

The future of utilities is all about connectedness. Your mission-critical infrastructure needs to be ready to support innovations like:

• Cross-enterprise device integration and data flow for real-time transparency, monitoring and performance alerts
• Remote monitoring, operation and inspection
• Seamless communication and collaboration across the utility, from the corporate office to the field
• Predictive maintenance to optimize equipment repair and replacement 
• Smart scheduling for equipment and labor to improve resource allocation
• Gain more intelligence and insight from substations to improve decision-making

As technologies and applications like these continue to roll out, they will need to be supported by robust, high-performance telecommunications systems that can manage heavy increases in network traffic and bandwidth consumption.

For example, most utilities have relied on TDM (time-division multiplexing) as their backbone technology to transmit data across networks. As smart grids and smart substations become prolific, however, TDM is becoming obsolete. It can’t support modern communications protocols or keep up with bandwidth requirements.

MPLS-TP (multiprotocol label switching – transport profile) is the best option to replace TDM. It can support legacy systems and next-gen smart grid applications and transport most forms of traffic, including traditional serial-based technologies and IEC 61850 packet-based intelligent electronic devices.

Belden: your partner in protecting mission-critical power infrastructure

Belden’s in-house industry experts have decades of experience in helping utilities prepare for the future while maximizing current investments in legacy technology. Our digital automation consultants, solution consultants and solution architects understand the intricacies of the utility market, have worked in the field and have experienced your challenges first-hand.

After understanding your situation and environment, our Customer Innovation Center works closely with you to assess network strengths, deficiencies and workflows; define your goals; outline your best opportunities to increase value and meet KPIs; and present a holistic view of implementation costs and a blueprint that acts as your digital transformation guide.

Related resources:

Power Companies: How to Maximize Your Legacy Networks While Minimizing Downtime

MPLS-TP for Utilities: It's Time for New Backbone Technology

Explore the 5 Main Advantages of Digital Substations