The U.S. electric grid continues to face a bevy of foreign and domestic cyberattack threats. Therefore, it makes more sense than ever before for utilities and transmission operators to aggressively fortify their cyber defenses. In fact, failure to do so is a classic case of being penny wise and pound foolish.
- On Nov. 16, following two days of cybersecurity scenario testing by more than 250 organizations, Manny Cancel, Senior Vice President of the North American Electric Reliability Corporation (NERC), said, “The threat landscape in which we are operating is unprecedented—we are facing challenges that are increasingly difficult to detect and protect against.”
- NERC added that evolving cyber threats to the grid are “guided by geopolitical events, new vulnerabilities, changes in technologies, and increasingly bold cyber criminals and hackers.”
- China, Russia, and other countries continue to pose cybersecurity threats to the U.S. electric grid, as discussed in the Office of the Director of National Intelligence’s Annual Threat Assessment.
- Cybersecurity insurance premiums continue to rise sharply, making preventative actions more compelling from a cost-benefit standpoint.
- The shift to renewable energy and distributed resources opens additional vulnerabilities for electric utilities. As Bruce Walker, President and Chief Executive Officer of the Alliance for Critical Infrastructure Security, said in July 18 Congressional testimony, “Importantly, the risk associated with cyber is exacerbated by the rapid transformational changes happening in the electric sector. The transition away from a centralized generation and command and control model to a decentralized model, has increased the surface area for cyber penetration.”
One way to simplify critical infrastructure protection and keep OT secure is to place on the network a device that allows only pre-defined, legitimate signals to be sent to the OT. This reduces the costs of more holistic network changes. It also prevents non-specific commands from passing through a protected device.
Legitimate commands can pass through. Those that would cause the device to behave in dangerous, destructive ways are thwarted.
Binary Armor cannot be modified or reconfigured without physical access to the system, thereby providing robust security for remote facilities and critical infrastructure. The system allows the system operator to define the rules for SCADA/ICS traffic and to inspect every byte of information.
The scope of threats that the U.S. electric grid will continue to face is likely to rise in complexity and severity. Rather than waiting for dictates from regulators, utilities and transmission grid operators should identify important areas for cybersecurity protection, especially where there are efficient, cost-effective solutions. In this environment, OT protection is especially important and likely to be even more so soon.