Can we secure the cyber-physical domain?

Today’s modern societies rely on highly complex networks of critical infrastructure to provide supplies and services.

These include information technology, telecommunication, transport and healthcare – all fuelled by electricity.

Mathias Steck, Regional Manager, Digital Consulting & Smart Cities, Asia, DNV - Digital Solutions
The seven phases of a cyber attack - In the cyber security industry, we are seeing a change in the way that hacks are being performed. See link to the article below.
When hackers hack, fight back - with these six steps. See link to the article below.

Powered by digitalization

What makes these technologies increasingly efficient is their increased interoperability – powered by digitalization. And we are just at the early stage of this today. As outlined in my earlier article, Utility was yesterday. Tomorrow is Internet of Electricity, sophisticated machine learning processes and artificial intelligence will take control to optimize ecosystems on an entire system level, for the best possible outcome. Our interaction with these systems will become increasingly intuitive – or even just guided by our behaviour, without any need for direct input.

Vulnerability

These great levels of optimization and comfort come potentially with a high price: vulnerability. If one critical pillar of this highly-sophisticated system fails, this can lead to a chain reaction potentially impossible to control. One of the weakest links is electricity networks – from generation and transmission to distribution and loads. The electricity networks are – in the majority – overaged and consist of a whole zoo of technologies as potential entry points and hence provide an excellent surface for cyber attacks. The increase of new connected devices, such as smart meters installed in every home, electric vehicles and the Internet of Things (IoT), is expanding this attack surface dramatically. In an increasingly digitized world, where anything and everything relies on the availability of electricity, this poses a significant risk to society at large.

Large scale blackout

The German government has tasked the Office of Technology Assessment at the German Bundestag to assess the risk of the impact on modern societies of a large scale blackout. The summary is: Life becomes uncomfortable within very few hours, and life-threatening in less than a day. Beyond that point, society  sequentially collapses - under dreadful conditions. If you are interested in a fictional vision of that matter, listen to Marc Elsberg’s audiobook Blackout – Tomorrow Will Be Too Late.

While the title of this book sounds like a Hollywood movie plot, unfortunately it’s a possible scenario. The potential impact is massive. Today’s electricity grids are designed towards the requirement of maintaining the balance between loads and generation. If multiple utility-scale generators are targeted and compromised, it could potentially break up the power system and lead to a complete blackout. Hence power plants are a prime potential target for cyber threats.

Sophisticated capabilities on information technology

To stay ahead of the invaders it becomes critically important that cyber security measures are not only focusing on the attack vectors on the information technology side, but that deep and detailed subject matter expertise on the operational technology is combined with sophisticated capabilities on information technology. To safeguard life, property and the environment in the cyber-physical domain requires industry experts that are on the forefront of digital and the latest cyber security threats, combined with a heritage of deep industry insights that cover the decades during which current technology was deployed. A real-life event supporting this statement is the 2017 attack on a power plant in Saudi Arabia: Hackers halt plant operations in watershed cyber attack.

Further readings:

The seven phases of a cyber attack
When hackers hack, fight back - with these six steps

Author:

Mathias Steck, Regional Manager, Digital Consulting & Smart Cities, Asia
DNV - Digital Solutions

6/22/2018 3:44:19 PM

Contact us

How can we help you?

Contact us

Find out more

  Cyber security services

Cyber security services

Ensure that your industrial control systems are cyber security ready

  The seven phases of a cyber attack

The seven phases of a cyber attack

In the cyber security industry, we are seeing a change in the way that hacks are performed

  When hackers hack, fight back - with these six steps

When hackers hack, fight back - with these six steps

  Ethical hacking

Ethical hacking

The white hats in DNV cyber security services

 

Cyber security awareness

in the Maritime Industry

 

Follow DNV - Digital Solutions

on LinkedIn

How can we help you with cyber security?

Contact us