Hackers are continuously improving what they can get into and destroy, and they might have their eyes set on something close to home. When power outages occur, the lights are going to go out, but did you consider that even water treatment abilities would be affected? Or that you might have to scour your city to find a gas station that could help you? Well if power outages stay going on for too long, that could be your reality. Being able to protect our power grids should be a primary concern for many. It impacts everyday life and economy. Without it, businesses can’t function correctly and money is lost.
Why Now?
The Ukraine has been a victim to cyberattacks on its power system, not just once, but twice. They faced widespread outages that brought some locations to a stop. Cyberattack capabilities have gotten better, and for the US to avoid the same fate, we must take precaution now. The Department of Homeland Security stated that there have been multiple attempts to inject malware into the power grid system already. All it takes is one successful attempt.
What Is Currently Helping Us?
The Corporation’s Critical Infrastructure Protection (CIP) standards are held in place by the North American Electric Reliability Corporation. Any power system or grid is required to meet the criteria. The basis of the measures were created to safeguard systems from any cyber or physical attacks. The requirements are updated on a regular basis and address any new possible threats. Any company that fails to meet the criteria is fined by auditors that stem from the Federal Energy Regulatory Commission.
The Defense Advanced Research Project Agency launched RADICS, a team that would create technology that could swiftly restore electric systems if the power grid were to go down. Even with these precautions set in place, we do have to consider what other preventative actions we can take to ensure the power grid’s safety.
So What Can We Do To Protect Our Power Grid From Cyber Attacks?
The first step is to train employees on how to avoid scams. If an IT team member were to install or run an application in the system that contains a Trojan horse program, an attacker could enter the system easily through a backdoor. Once the backdoor is created, the creator of the application is notified and they would have access to the entire system. The Trojan horse is typically sent via emails and can only be avoided by not running or installing the program.
The second step would be to train employees never to give out sensitive or personal information. Even with the best spam blocker set in place, emails can still get into the inbox of employees. These emails ask employees for information to get gift cards or can even impersonate high-level management members of your company. Being able to spot these emails will save the company the hassle of dealing with the repercussions that can be caused when you get sensitive information to the wrong people. Employees can avoid fake surveys by being taught to spot fake hyperlinks. Employees can hover over hyperlinks in emails and see where they would be directed to once they click on the link. Avoid any mistyped or all number links.
The second step would be to increase security measures regarding who would have access to pertinent information. Employees or vendors are potential targets for interested parties that want to disrupt the system. They can be bribed to look the other way or install malware programs. While it may sound like a plot out of a movie, it has happened before. With increased security measures and limiting access to critical areas, it would make it harder for this to occur.
We live in an internet-centric society. Without adequate protection against hackers, our power grids will suffer.