By: Craig Badrick on April 3rd, 2018
How Vulnerable Is Our Energy Infrastructure?
Energy in America is a contentious political issue, but all parties agree that our energy infrastructure is far too vulnerable to foreign and domestic cyberthreats.
Energy professionals and politicians today are devoting more time than ever to not just optimizing our national energy infrastructures, but protecting it from cyberattacks as well.
Experts are developing new solutions and plans of action for combating hypothetical hacks, and with good reason: a recent Accenture study revealed that some 63% of the world’s top utilities executives believe there is moderate to serious risk of a major cyberattack on the electric grid in their country within the next half decade. The report suggests that North American countries are even more worried, with more than 75% of executives expressing relative to extreme concern about cyber security.
A National Effort
President Trump’s proposed 2019 budget includes $2.5 billion allocated for energy programs — a $1.9 billion cut from the 2017 budget. Yet the Trump administration has signalled that it is making cybersecurity a priority, setting aside $96 million in funding for DOE energy security and cybersecurity efforts. Additionally, The Office of Electricity Delivery and Energy Reliability has reaffirmed its goal to have “resilient energy delivery systems...designed, installed, operated, and maintained to survive a cyber incident while sustaining critical functions” by the year 2020.
It’s clear that all parties involved are quickly coming to grips with the gravity of a potential attack. In mid-February, Secretary of Energy Rick Perry announced plans to establish a new branch of the Department of Energy (DOE): the Office of Cybersecurity, Energy Security, and Emergency Response (CESER). It will extend the current security-related responsibilities of the DOE and its primary focus will be on “energy infrastructure security.”
As its name indicates, the department will address a wide range of energy security issues, including initiatives on cybersecurity for the grid and “early-stage R&D at national laboratories to develop the next generation of cybersecurity control systems.”
Secretary Perry’s announcement comes on the heels of his rejected 2017 proposal to subsidize coal and nuclear plants in an effort to help them compete with renewables and natural gas. The DOE marketed NOPR as a way to reinforce the reliability of the electrical grid, which even the Obama administration’s DOE admitted was less reliable than was once popularly thought, and is becoming progressively more susceptible to cyberattacks.
But just how vulnerable is America’s energy infrastructure?
Good Cause for Concern
The increasing digitalization of the grid has heightened the exposure of the energy sector to potential dangers. As the DOE’s 2016 report proclaimed, “Cyber threats to the electricity system are increasing in sophistication, magnitude, and frequency. The current cybersecurity landscape is characterized by rapidly evolving threats and vulnerabilities, juxtaposed against the slower-moving deployment of defense measures."
CEO of Dragos, Inc. Robert M. Lee notes another problem: the boom of digitalized systems and common operating platforms, paired with a lack of manual workers on the physical infrastructure side, means we’re likely to witness hacks of escalating sophistication. Indeed, the summer of 2017 saw an attack on the Irish power grid by foreign hackers that compromised entire electrical systems, only months after a similar attack took place in Ukraine.
The Need
Amidst highly politicized and widespread media coverage of suspected Russian hacks of the 2016 presidential election, the US Senate Energy and Natural Resources Committee held a hearing on March 1st. Much of the hearing was centered around discussions of improving the reliability and security of the grid. Dr. William Sanders spoke at the hearing about the necessity of moving past basic cybersecurity and focusing more preemptively on cyber-resiliency, calling for better visualization techniques, analytics, continuous collection of sensor data, as well as merging of sensor data with other intelligence information.
The need for better cybersecurity is more glaring than ever before. At Turn-key Technologies, we have paved the way for a safer cyber future for more than 20 years. Our extensive offerings include thorough wireless site surveys and managed IT services and, coupled with our experience working in remote, industrial sectors like petrochemicals, we’re prepared to work with any company or agency to secure energy infrastructure and optimize connectivity. The energy sector is certainly not the only industry facing the imminent threat of cyberattacks. As such, it’s vital that all enterprises make cybersecurity a top priority in 2018, and beyond.