Maintaining a resilient utility grid in the face of cyber attacks


By Kevin Nesdale, General Manager of Power Distribution, Eaton ANZ

The recent spate of malicious state-backed cyber activity directed at Australia has been a sobering reminder that without a resilient cyber security framework in place, all critical infrastructure is vulnerable. About 31% of industrial control systems have experienced a cybersecurity incident or an attempt in the past 12 months. A significant number of attempts target commercial, industrial, utility and government networks, making virtually every system vulnerable. The recent attacks are a reminder that cyber-attacks are here to stay and that certain measures must be implemented from the outset to ensure utilities are resilient in the event of a breach.

Cyber secure by design

A resilient utility grid with a trustworthy cyber-network is required to mitigate the impacts induced by cyber-attacks. To eliminate the impacts of cyber-incidents, a three-phase Cyber Resiliency framework, comprising attack detection, response, and recovery, is needed to couple the cyber and physical layers, with advanced algorithms developed and implemented in each phase. Post-contingency recovery, which belongs to the attack mitigation phase, is a critical element of the cyber-incident defence framework: it acts as the last step in the framework and plays a significant role in maintaining healthy and uninterrupted operation of modern distribution systems.

Utilities should ensure that the equipment they purchase has cybersecurity principles included from the initial design phase. When it comes to security measures and data traffic, it is crucial to understand the difference in nature between IT systems and industrial controls for physical systems. The Cyber Resiliency Framework treats “Cybersecurity by Design” as a principle of operational technology (OT) defence mechanisms. An example of the difference is the nature of what we are protecting: for IT systems, customer data and organisational information are the main concern for cybersecurity. On the other hand, for industrial controls, system operations and protection against equipment damage are the sole concern, and cyber resiliency plays a significant role in ensuring system availability and fallback planning when a cyber incident occurs.

Download Cyber Risk Leaders Magazine – Issue 3, 2020 to read full article.