According to new research in a Booz Allen Hamilton report, threats to the energy industry continue to escalate. As the grid gets smarter, threats increase, including damage to electrical equipment, local power outages, operational halts to production, and more.
There is an initiative underway at the Energy Department’s National Renewable Energy Laboratory (NREL) aiming to prevent hackers from gaining control of parts of the nation’s power grid, or Industrial Control System (ICS) as the Booze Allen report notes that ICS operators have reported more security incidents in 2015 than in any other year prior.
The NREL initiative calls for a transition to a more efficient and more reliable “smart grid.” This transition will have communication and control devices in distant corners of the power grid so that utilities have greater situational awareness and can respond quickly to issues.
To achieve this, the NREL built a Test Bed for Secure Distributed Grid Management, which is a hardware system that mimics the power grid. After making the test bed as secure as possible, they tried to hack it. After several months of success, the team found a single vulnerability, which was due to a misconfigured cyber security device. This one vulnerability allowed the hacker inside the system.
There are other, proactive risk mitigation approaches, such as software defined perimeters (SDPs) that have been deployed to protect power grids that would have prevented that one vulnerability from being exposed. SDP is a connection-based and application-centric architecture that allows you to hide infrastructure by disallowing access to only those legitimate users. It is core to a new security and risk management paradigm that establishes an undetectable application infrastructure often referred to as a “Black Cloud.” The primary effect of the SDP is that it transforms the application infrastructure into an effectively invisible or “black cloud” that shows no domain name system (DNS) information or IP addresses.
The nation’s electric power grids are arguably the most important assets to protect from attacks. The NREL’s experience emphasizes the need for a new, holistic approach focused on understanding the unique characteristics to reduce risk. Only through understanding the unique relationships between computers and the electric grid, and the ability to quantify failure scenarios, can we develop effective solutions that monitor what matters for mitigating risks and maximizing protection of this critical infrastructure.
Waverley Labs has direct experience architecting software defined perimeters and digital risk management frameworks specific to the power grid. Researchers in EPIC’s Duke Energy Smart Grid Laboratory working with Waverley Labs and conducted a systematic analysis of risks and associated threats to power transmission systems to identify critical points of failure. The collaboration leveraged advanced knowledge processing that integrated IT systems and cyber security data with operational and physical data. It resulted in a new and innovative solution that will enable energy companies to model consequences and quantify business impact associated with each risk.