Protecting electricity networks from cyberattacks: a global challenge

#Security 01.09.2018 2min Last update : 10.25.2020

The number of cyberattacks is spiraling out of control and causing a headache for business, yet sensitive sites such as nuclear power plants are also a prime target for hackers. The impact of a cyberattack against a country’s electricity network can be devastating.

Defense, aerospace and research, healthcare, utilities, electronic communications, transportation, industry… all of these sectors are vulnerable, whether at a national or supranational level. And operators in those sectors need a way to detect and protect themselves against cyberattacks.

New entry points for hackers

With the advent of devices like smart meters, the digital revolution has brought more ways for hackers to find a way in, increasingly jeopardizing the security of electricity networks across the world. “We are moving away from closed energy systems, which reveal very little information and have very little that can be done at a distance, toward more open systems where more and more is being operated remotely,” explains the French Commission for Energy Regulation.

In its annual report, the Electricity Transmission Network in France revealed that it had thwarted several attempts to breach its IT systems in 2016. The document mentions defending against around “4300 attacks, 1000 cases of spam and 200 viruses from the organization’s systems” every month. While France has thus far been spared from a major attack, other countries such as Ukraine have not been so lucky.

In December 2016, hackers managed to plunge a fifth of the country’s capital Kiev into darkness. It was a case of déjà-vu for the Ukrainian authorities, as hackers had breached the computer systems of three regional companies in the country just one year earlier.

A global threat

In the US, concerns are running as high as they are in Europe. In September 2017, cybersecurity software developer Symantec announced that hackers now have the ability to sabotage the electricity network in America. The threat that Symantec was referring to stems from a cyber-espionage group known as Dragonfly 2.0. The company had already raised the alarm about the group’s actions and detected traces of its activities several years earlier.

While the original Dragonfly campaign appeared to be a reconnaissance operation, things have moved on since – something which is worrying cybersecurity experts. Hackers are reported to have accessed energy networks in the United States, Turkey, and Switzerland, and the group “now potentially has the ability to sabotage or gain control of these systems should it decide to do so”, Symantec believes. “The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves.”

Strengthening legislation to protect vulnerable organizations

Beyond electricity networks, there are plenty more sectors that are particularly susceptible – namely Operators of Vital Importance in France and Operators of Essential Services in Europe – and exercise extreme vigilance when it comes to securing their IT systems. Incidents intending to disrupt or bring down these systems could actually harm the economy in the European Union, leading to considerable financial losses.

In July 2016, the Council of the European Union adopted the Directive on the Security of Networks and Information Systems (NIS). The legislation seeks to strengthen cybersecurity for Operators of Essential Services in several sectors, including energy.