As the coronavirus pandemic raises the stakes for providers of essential goods and services, recommendations for smart grid security deserve a closer look.
The coronavirus pandemic has forced government officials and businessmen everywhere to think about what qualifies as an essential good or service. And as reported previously, many of the manufacturers and service providers designated as essential at this time rely on cybersecurity specialists to ensure business continuity. As a result, it has become an urgent matter for essential infrastructure operators to identify their cybersecurity priorities. But what should these priorities be?
Learning a lesson from smart grids
An article published by T&D World on March 30 offers some guidance.
The article, which was written by an analyst from Transparency Market Research (TMR), focuses on security measures for smart grids – that is, systems that collect, integrate and analyze data from information technology (IT) and operational technology (OT) to optimize the production, delivery and use of electric power. As a result, many of its recommendations and observations are specific to the power-engineering industry.
The article notes that most cyberattacks on smart grids fall into one of three categories: topology, component, or protocol. It defines these categories as follows: “Topology-wise attacks target the smart grid topology by launching a denial-of-service (DoS) attack that stops operators [from having] a full view on the power system, causing inappropriate decision-making. Component-wise attacks target field components that include the remote terminal unit (RTU). The RTU is [mostly] used by engineers to remotely troubleshoot and configure smart grid devices. Protocol-wise attacks target [attacks on] communication protocols using various methods such as false data injections and reverse engineering.”
Top priorities: topologies, components, and protocols
But smart grid operators aren’t the only businesses that should be thinking in terms of topologies, components, and protocols. This three-point framework has the potential to be useful in other essential sectors as well.
For example, manufacturing plants that rely on robotics and industrial internet of things (IIoT) devices to produce essential goods are just as susceptible to topology problems as smart grids. Their performance hinges on the steady influx of operational data, and DoS attacks can block this flow. And if operators can’t count on having a complete and accurate view of their facilities, they may have trouble producing the items that are most needed.
Meanwhile, upstream oil and gas producers, which have likewise been classified as essential, are vulnerable to breaches of component security. If they use RTUs to configure and monitor the systems that keep tabs on reservoir pressure and temperature, fluid dynamics, and equipment performance, attacks on field components will stymie attempts to make accurate assessments of working conditions. Such incidents would, in turn, increase the risk of overlooking irregularities that could lead to production stoppages or safety hazards.
Likewise, transportation and logistics providers (also deemed essential) have reasons to worry about protocol attacks. Many of them depend on field communications data, including but not limited to reports filed electronically by employees making deliveries and GPS data tracking the movements of fleet vehicles. As a result, attacks on communication protocols that involve false data injection and reverse engineering of company operations have the potential to disrupt the movements of essential goods and workers.
In short, cyberattacks don’t just pose a threat to power companies; they’re also a problem for providers of many types of crucial goods and services. As such, essential infrastructure operators seeking to identify cybersecurity priorities may benefit from the work that has already been done on behalf of smart grid providers.