Smart Cities

Remember When They Said Our Smart Grid’s Could Be Vulnerable To Cyber Attack?

An investigation is underway over a cyber attack on Ukraine’s power grid last month. The attack, which plunged the northern part of the capital, Kiev, into darkness, is part of a series of strikes on its energy and financial infrastructure, the head of the state-run power distributor said. This event follows a major cyber-attack on Ukraine’s power grid in December 2015, the first of its kind anywhere in the world. Then, Russian-nexus actors caused blackouts in several regions in Ukraine. The actors used spear phishing to plant BlackEnergy3 malware, which was used to disable control system computers. As a result, Ukrainian utilities relied on manual efforts to restore power. “Ukraine became such a big story because it was the first attack in the energy sector,” said Michael John, director at the European Network for Cyber Security, a non-government group that focuses on the safety of Europe’s grids and infrastructure. “It demonstrated it is possible.” Ukraine […]

Stay ahead of the pack

with the latest independent smart building research and thought leadership.

Have an account? Login

Subscribe Now for just $200 per year per user (just $17 USD per month) for Access to Quality Independent Smart Building Research & Analysis!

What Exactly Do you Get?

  • Access to Website Articles and Notes. Unlimited Access to the Library of over 1,700 Articles Spanning 10 Years.
  • 10% discount on ALL Memoori Research reports for Subscribers! So if you only buy ONE report you will get your subscription fee back!
  • Industry-leading Analysis Every Week, Direct to your Inbox.
  • AND Cancel at any time
Subscribe Now

An investigation is underway over a cyber attack on Ukraine’s power grid last month. The attack, which plunged the northern part of the capital, Kiev, into darkness, is part of a series of strikes on its energy and financial infrastructure, the head of the state-run power distributor said.

This event follows a major cyber-attack on Ukraine’s power grid in December 2015, the first of its kind anywhere in the world. Then, Russian-nexus actors caused blackouts in several regions in Ukraine. The actors used spear phishing to plant BlackEnergy3 malware, which was used to disable control system computers. As a result, Ukrainian utilities relied on manual efforts to restore power.

“Ukraine became such a big story because it was the first attack in the energy sector,” said Michael John, director at the European Network for Cyber Security, a non-government group that focuses on the safety of Europe’s grids and infrastructure. “It demonstrated it is possible.”

Ukraine is not alone, last year Israel experienced a serious hack attack on its electrical grid. The “severe” attack came as temperatures in Jerusalem dipped to below freezing, creating two days of record-breaking electricity consumption. It was one of the biggest computer-based attacks Israel’s power infrastructure has experienced. The energy ministry didn’t identify any suspects behind the attack or provide details about how it was carried out.

“The virus was already identified and the right software was already prepared to neutralize it,” Israeli Energy Minister Yuval Steinitz told attendees of a computer security conference in Tel Aviv. “We had to paralyze many of the computers of the Israeli Electricity Authority. We are handling the situation and I hope that soon, this very serious event will be over,” he said at the time, “but as of now, computer systems are still not working as they should.”

At the end of last month a major cyber-attack was the source of the widespread electricity cuts across Istanbul, Turkey. “The attacks are generally aiming to seize Internet sites and secure infiltration,” a senior anonymous source said on Dec. 31, as quoted by state-run Anadolu Agency.

He also said the cyber attacks started after the failed July 15th coup attempt and have been increasing ever since. “Many infiltration attempts to the systems controlling our transmission and electricity producing lines were determined and prevented. The infiltration attempts are indicators of a major sabotage preparation against Turkey’s national electricity network,” the source added.

Energy Minister Berat Albayrak said a comprehensive investigation has been launched to figure out the real reasons behind the electricity cuts in a trip to the northwestern province of Kocaeli, which is the main center of the breakdowns.

It seems, after years of talk about vulnerabilities that may come from the digitization of power grids, that it is finally and inevitably happening. With a plethora of countries around the world investing heavily in smart grid technologies, we should probably prepare for more and more attacks.

The EU in particular, where 72% of European consumers are expected to have smart meters by 2020, has reason to be concerned. The basis of the policy is that more empowered consumers enabled by smarter grids will lead to a greater energy efficiency and more green energy flowing through Europe’s power networks. However, every smart element means greater vulnerability.

“Every component in the grid that has become digitized is becoming an attack point,” says Sander Kruese, privacy and security adviser at Alliander, a distribution system operator in the Netherlands. The Netherlands has opted for smart meters without the remote switch-off option, “because they saw this threat,” Kruese said.

While in the UK, where 53 million smart meters are set to be installed by 2020, the government has asked the GCHQ intelligence agency to help design security for smart meters.

“If somebody could hack into that or turn off very large numbers of meters by mistake, the sudden shock of taking them off the grid — even worse if they were all turned back on at the same time — would cause significant damage,” UK-based technology consultant Nick Hunn said in September during testimony before a smart meters parliamentary committee.

This raises a lot of questions for the smart technology sector, as well as the governments, businesses and citizens adopting such technologies. The modern energy infrastructure we are creating, which includes smart buildings and cities, powered by renewable energy under demand response systems, all depends on the smart grid. But how can we move forward with these increasingly stark vulnerabilities.

“Technology becomes your Achilles heel if you don’t do the right things,” said Nuno Medeiros, information systems officer at Portugal’s power distribution company EDP Distribuição. While racing towards a digital grid will bring about desperately needed grid efficiency and flexibility, it will also open us up to dangerous attacks on basic systems.

We need to stop, take a step back and find a solution, before implementing a new system. If we don’t, we can and should expect cyber attacks taking down our power systems when we need them most.

[contact-form-7 id="3204" title="memoori-newsletter"]

Most Popular Articles

Kieback&Peter Cube Berlin
Energy

Kieback&Peter Building Automation Business & Financials Examined

In this Research Note, we examine Kieback&Peter, one of the long-established German manufacturers and systems integrators of building automation solutions and services. This analysis is based on their December 2023 filing of their 2022 company accounts and more recent announcements. Kieback&Peter GmbH & Co. KG was founded in 1927 in Berlin, Germany. This family-owned medium-sized […]

Alibaba Smart Buildings
Smart Buildings

“Open Sesame” Exploring Alibaba’s Smart Building Approach

Initially launched in 1999 as an online marketplace for Chinese-made products, The Alibaba Group has gone on to become one of the biggest companies in the world with a market cap of over $210 billion. While online retail remains Alibaba’s core service offering, the firm has expanded into a huge range of activities, including comprehensive […]

Allegion 2023 Financials Examined
Security

Allegion Access Control Business & Financials 2023 Examined

In this Research Note, we examine Allegion plc, a pure-play provider of security and access solutions. Our analysis is based on their 2023 annual results, presentation, earnings call and 10K Report. We highlight growth in electronic security products, software and corporate venture capital investments in 2023. Note that we reviewed Allegion’s May 2023 Investor Day […]

Subscribe to the Newsletter & get all our Articles & Research Delivered Straight to your Inbox.

Please enter a valid email

Please enter your name

Please enter company name

By signing up you agree to our privacy policy