Opinion

Defending power grids from cyber-attacks a global priority

 
The rapid increase in the number of consumers using electric vehicles, gadgets and home appliances besides power intensive industries continues to push the demand for more power generation globally. While national power companies focus on producing more clean electricity to meet the rising demand, the threat of cyber-attacks on stations and national grid looms.

The global presence of different types of cyber criminals calls for understanding cyberterrorism. Oxfordreference.com defines cyber-terrorism as “the use of cyberspace by organisations with the intentional aim to promote terrorist propaganda, recruitment, incitement, revenue generation, training and acts of disruption.” Wikipedia defines cyberterrorism as “the convergence of cyberspace and terrorism”.

In simple language these definitions mean a person or a group with malicious intent use cyberspace to attack computer(s) and network(s) set up and used by other individuals, corporations and governments. They are illegal attacks and threats of attacks against computers, networks and servers that store critical data. Cyberterrorists do such criminal acts to achieve their political or ransom goals by intimidating or coercing corporations or governments or its citizens.

Five different types of cyberterrorism attacks include -- incursion, destruction, disinformation, denial of service and defacement of websites. Their methods and objectives may differ. Common to all is disrupting routine life and in extreme cases colossal destruction of infrastructure and mass killing of people.

Government heads, lawmakers, security chiefs and citizens have reason to worry about the threat posed by cyberterrorism. The threat is real and imminent. The sideshow of hacker attacks in the ongoing Russia-Ukraine War confirms this reality.

While the belligerents engage in traditional air, ground and sea warfare, sinister terrorists working in the shadows could cripple critical military, financial, stock exchange and central banks computer systems and national networks.

Recent history shows hackers or cyber criminals or terrorists target high-profile countries. China suffers 41 per cent of the world’s attacks, US comes a distant second with 10 per cent, followed by Turkey 4.7 per cent, Russia 4.3 per cent and Taiwan 3.7 per cent.

Whether lone ranger hacker or cyberterrorist the threat to national electrical grids is high. Prolonged power breakdown for days could disrupt the routine lives of millions of citizens besides crippling the country’s economy. Such acts could paralyse industries, manufacturing and Internet networks.

According Semiconductor Engineering [SE], a group that offer insights into the tech industry, “The European Network of Transmission System Operators for Electricity (ENTSO-E), that represents 42 European transmission system operators in 35 countries, was hacked in 2020. Other successful cyberattacks include the one on Russian power grid in 2019 and Saudi Aramco petrochemical plants in 2017.

Ukraine’s cup of woes is not recent. A cyber-attack on its power grid seven years ago in 2015 disrupted the routine lives of more than 200,000 households. Another attack followed one year later. The hackers who broke through Korea Hydro and Nuclear Power, the South Korean nuclear and hydroelectric company in 2014 posted plans and manuals for two nuclear reactors online and exposed 10,000 employees’ personal data.

In other words, cyberattacks can happen anywhere and at any time, and with this level of capability, no entity is immune, says John Koon, author of SE’s insight paper.

The good news is the real threat of cyber-attacks has spiralled the growth of software and hardware security companies that offer a safe working environment from chip to cloud to crowd.

GCC countries are a step ahead with Smart Grid Security that has systems and services to secure smart power grids, communications and information technology. It is safe, reliable, efficient and a new form of clean energy distribution throughout the grid. It uses system protection tools such as antivirus, antimalware, firewalls, identity and access management, intrusion detection and data loss prevention to lower likelihood of power grid collapse.

[Sudeep Sonawane, an India-based journalist, has worked in five countries in the Middle East and Asia. Email: sudeep.sonawane@gmail.com}