Threats to Power Grid

Yes, many of today’s power grids are very sophisticated and automated. Every single event and piece of equipment is tracked, controlled, measured, and protected. But things aren’t as bright as they seem. It turns out that all these advanced toys are easily hackable, meaning that many different areas of the power grid are vulnerable to cyberattacks.

Automated, but hackable. Is power grid in your country safe from cyberattacks?

These areas include data storage, automation of distribution, demand management, smart metering infrastructure, and wide area situational awareness.

All it takes is one assault to compromise any number of these subsystems. There are four main types of attacks against power systems that can be distinguished:

  1. Cyberattacks with the goal of stealing information from servers owned by utilities.
  2. Cyberattacks that seek to seize control of servers needed for utilities.
  3. Cyberattacks that attempt to bring down servers that provide utilities.
  4. Cyberattacks on instruments used for measuring large areas.

Furthermore, we must address the dangers to the smart home segment of the grid, as well as those that come from its interactions with other smart grid components. These encompass eavesdropping, traffic analysis, replay attacks, repudiation, and other threats.

Common cyberattacks targeting infrastructure include:

Denial of Service (DoS) and Distributed Denial of Service (DDoS): Distinct attack vectors designed to undermine the availability of a system’s functionality.

Malicious software: It refers to attacks stemming from the actions of malware, which include viruses, worms, Trojan horses, logic bombs, and similar threats.

Identity spoofing: The unauthorized impersonation of a genuine user or service by methods such as man-in-the-middle attacks, message replay, IP spoofing, or software exploitation.

Password theft: It encompasses prevalent attack methods such as password sniffing, guessing, brute force attacks, dictionary attacks, and social engineering.

Eavesdropping: Unauthorized interception of communication content.

Intrusion: Unauthorized access to cyber assets.

According to Figure 1, a typical substation is vulnerable to attack via all routes indicated in red. The predominant attack vector employed is the link from corporate IT (1), which was exploited in the 2016 attack on a substation in Ukraine. This link may be permanent for accessing corporate IT servers or temporary for remote maintenance purposes. An intruder might also infiltrate via the control center connection (2), irrespective of the SCADA protocol employed.

Another access point is via engineering PCs (3) linked to substation equipment or the network.

Figure 1 – Attack vectors of a substation


Side-channel attacks: Assaults that exploit the ancillary characteristics of the targeted system, typically associated with its implementation rather than inherent cybersecurity flaws, encompassing power analysis, electromagnetic analysis, and timing attacks.

The following attacks are included in an alternative list of conventional attacks on the power grid, which is more generic in nature:

  1. Spoofing,
  2. Tampering (unauthorised modification of a device or service),
  3. Repudiation (denying the agency of actions taken in a computer system), information disclosure (obtaining unauthorised access to information),
  4. Denial of Service,
  5. Elevation of privilege (illicit gaining of system privileges higher than granted),
  6. Phishing (extortion of confidential data),
  7. Cryptanalysis (an extensive set of methods aiming at obtaining a plain text from an encrypted code).

The power sector is currently facing a number of cyberthreats, the most serious of which could be classified as follows:

  1. Data injection attacks against state estimation,
  2. DoS and DDoS,
  3. Targeted Attacks, coordinated attacks, hybrid attacks and Advanced Persistent Threats.

Each of these types of attacks is described in the following sections.

Table of Contents:

  1. Attacks Using Data Injection Against State Estimation
  2. The Most Used: DoS and DDoS Attacks
  3. The Most Advanced Cyberattacks (Targeted, Coordinated & Hybrid Attacks, Advanced Persistent Threats)
  4. Conclusion
  5. Additional Reading (PDF)

1. Attacks Using Data Injection Against State Estimation

Why state estimation? State estimation is a crucial function in supervisory control and planning of electric power systems. It serves to monitor the state of the grid and allows Energy Management Systems (EMS) to perform important control and planning tasks such as computing optimal power flow, economic dispatch and unit commitment analysis, incorrect data detection or reliability assessments.

The latter include contingency analysis and determination of corrective actions against potential failures in the power system.

These functions are based on thousands of measurements and system state data, for which malicious modification or introduction (injection) of false data would result in shifting the power system towards unstable operating conditions that would have a severe economic impact on the electricity grid.

Unfortunately, current statistics show that data injection attacks against state estimation in power distribution systems require only a little effort, and that an attacker can effectively distort the power system.
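The incorrect data detection mentioned above is usually a residual test on the estimated state. The sketch below is an added example, not part of the original article: it runs that test on a constructed 3-bus DC model and shows what it flags, what it misses, and why integrity-protecting even one meter restores detection. The network, meter accuracy, readings and all function names are assumptions made for illustration.

```python
# Constructed 3-bus DC model: bus 1 is the angle reference, state x = (theta2, theta3) in rad.
# Rows of H map the state to measurements P12, P13, P23 and the bus-2 injection (all lines b = 10 p.u.).
H = [(-10.0, 0.0), (0.0, -10.0), (10.0, -10.0), (20.0, -10.0)]
SIGMA = 0.01          # assumed meter standard deviation, p.u.
CHI2_99_2DOF = 9.21   # chi-square 99% quantile for 4 measurements - 2 states

def estimate(z):
    """Least-squares state estimate (equal weights) via the 2x2 normal equations."""
    a = sum(r[0] * r[0] for r in H)
    b = sum(r[0] * r[1] for r in H)
    d = sum(r[1] * r[1] for r in H)
    g0 = sum(r[0] * zi for r, zi in zip(H, z))
    g1 = sum(r[1] * zi for r, zi in zip(H, z))
    det = a * d - b * b
    return ((d * g0 - b * g1) / det, (a * g1 - b * g0) / det)

def residual_j(z):
    """Weighted residual sum of squares J(x_hat) used by the bad-data test."""
    x = estimate(z)
    return sum((zi - (r[0] * x[0] + r[1] * x[1])) ** 2
               for r, zi in zip(H, z)) / SIGMA ** 2

def flagged(z):
    """True when the residual test rejects the measurement set."""
    return residual_j(z) > CHI2_99_2DOF

def offset(z, delta):
    return [zi + di for zi, di in zip(z, delta)]

# Constructed readings: true state (-0.02, -0.05) plus small meter noise.
CLEAN = [0.204, 0.497, 0.305, 0.098]
# One grossly wrong reading (P23 off by 10 sigma): the case the test is built for.
GROSS = offset(CLEAN, [0.0, 0.0, 0.1, 0.0])
# Changes equal to H*c for c = (0, 0.01): consistent with the network model,
# so the residual is unchanged while the estimate of theta3 moves by 0.01 rad.
CONSISTENT = offset(CLEAN, [0.0, -0.1, -0.1, -0.1])
# Same changes, but the P13 meter is integrity-protected and keeps its true reading.
PARTIAL = offset(CLEAN, [0.0, 0.0, -0.1, -0.1])

if __name__ == "__main__":
    for name, z in [("clean", CLEAN), ("gross", GROSS),
                    ("consistent", CONSISTENT), ("partial", PARTIAL)]:
        x = estimate(z)
        print(f"{name:10s} J={residual_j(z):6.2f} flagged={flagged(z)} "
              f"x_hat=({x[0]:.4f}, {x[1]:.4f})")
```

The residual test alone cannot vouch for measurement integrity, so it has to be paired with authenticated telemetry on at least a subset of meters or with cross-checks against independent data sources.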



2. The Most Used: DoS and DDoS Attacks

Attacks that are classified as Distributed Denial of Service (DDoS) are constantly being launched against modern vital infrastructures, including power grids themselves.

Already in 2011, McAfee disclosed that eighty percent of critical infrastructure installations were subjected to a distributed denial of service attack that year, and approximately twenty-five percent had to cope with DDoS on a weekly basis.


Edvard Canji

Electrical engineer, programmer and founder of EEP. Highly specialized for design of LV/MV switchgears and LV high power busbar trunking (<6300A) in power substations, commercial buildings and industry facilities. Professional in AutoCAD programming.
