A cyber-takedown of the Ukranian electricity grid in December of 2015 has sent the cybersecurity industry spiralling. Since then, governments across the globe have been equipping themselves with cybersecurity firms that will try to ensure a takedown of a similar nature doesn't occur. What is apparent is that governments need some pretty efficient firewalls to ensure that criminals can't take down their country's power grids with complex lines of code. Industrial control systems being interceptable by outside forces poses a big risk for the future of ensuring the safety of grids. It's all about the smart-grid now, but is it smart enough to ensure that hackers don't take them down?
The United States' Office of Electricity Delivery & Energy Reliability said: "Addressing cybersecurity is critical to enhancing the security and reliability of the nation's electric grid. Ensuring a resilient electric grid is particularly important since it is arguably the most complex and critical infrastructure that other sectors depend upon to deliver essential services."
So what have the US government done to secure that a virtual takedown doesn't happen? They put the U.S. Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) to work and learned from the loopholes that allowed hackers to take down the Ukranian power grid.
Robert Lee, a former cyber warfare operations office for the U.S. Air Force spoke to Spectrum, saying: "Everything about this attack was repeatable in the United States. While their security wasn't awesome, it definitely wasn't below the industry standards."
America has a Critical Infrastructure Protection standard that protects the country's important SCADA systems. But professionals are saying more powerful firewalls are needed to make sure the SCADA systems never get touched. Experts warn that the more "smart meters, electric car chargers, rooftop solar installation, and other intelligent devices" open the grid up for attack.
DNP3 protocols allowing communications across substations and field devices are the entry points that need to be continually monitored for potential hacking. Using open source extensions like DNP3 SCADA, the utility can set up alarms. Alarms enable utilities to monitor intrusion on a network that is in the process of being hacked. However, experts say the willingness of utilites to embrace DNP3-compatible extensions that monitor intrusion have only been adopted by four or five utilities in the US. Experts also warn that not enough utilities are taking cybersecurity seriously.
