When do you buy a burglar alarm for the smart energy grid?Oct 09, 2020
When do you buy a burglar alarm?
For some of us, including me, it was after I was burgled. Of course, the right time would have been when I got indicators that my neighbourhood was carrying increasing threat of burglaries. And how could I have known that? Well, my insurance premium started to increase, the general attractiveness of our neighbourhood to theft (its affluence) started to rise, there were more people and cars I didn’t recognise in the street, a neighbourhood watch started up and there were crime awareness notices posted through my front door.
In fact, I had all the indicators. I just didn’t associate the threat with me personally and I didn’t correlate the indicators to form the important point – now is the time to buy a burglar alarm.
So, what did I do before I was burgled? I purchased some additional locks for the windows, installed them myself and felt rather smug. That is, until I was burgled.
Indicators in the smart energy grid
The same logic works for the threat of cyber-attack in the smart energy grid. We have all the indicators; most significant being the increases in cyber-attacks on utilities over the last few years, several of which exploit weaknesses resulting from changing working practices in response to COVID-19.
These aren’t the only indicators. Just look at the attractiveness of our industry to the cyber-criminal. Our investment in intelligence in the smart grid has exposed us to attack. Gone are the days when the cyber-criminal had to fight through layers of massively protected IT infrastructure to do damage to utilities – there is now a distributed network of connected intelligent devices ready to be hijacked.
In fact, the very features that we are depending on to deliver the smart energy transition can be used against us by the cyber-criminal. They can disrupt energy supplies, disrupt operations, disrupt billing, disable infrastructure and steal/publish sensitive information.
Put another way, the attractiveness of the smart grid to the cyber-criminal has increased. Just like my area became more affluent shortly before I was burgled.
Extortion is cheaper than destruction
In a sense, the lucky victims are those held to ransom. They have the choice of paying a ransom and hope the criminals follow through on their end. That’s fine if your attacker is motivated by financial gain. In my personal case, it’s as if the thief has changed all the locks and offered me the key for a fee. I would have considered such an offer.
But cyber-criminals have multiple motives – some will not be monetary – they are motivated to cause damage and disruption, maybe for kudos in their community or as part of an organised hostile nation state. My burglars where not “malicious” – they didn’t vandalise my home, but they could have done so.
Changing or upgrading the locks
Let’s look again at my response to the indicators – I upgraded my locks – and I felt pretty safe after that, until I was burgled.
In the smart grid, we can upgrade the layers of protection, but that can be expensive and time consuming. It also tends to focus on protecting IT and not on the human and process aspects which the cyber-criminal is often more likely to exploit.
When my house was broken into, it was down to my own carelessness – yes, I left a window slightly open. Humans and process; not the technology.
In any IT system (the smart grid is one of the largest IT systems we will ever build) the working assumption must be that the cyber-criminal will get in.
So, that’s why we have burglar alarms
The burglar alarm is there on the assumption that the criminal has got in passed the protection. Burglar alarms (and outside lighting, doorbells with in-built cameras etc….) are all about detecting a threat, offering us the opportunity to do something about it and placing a deterrent in front of the thief.
Detection in the smart energy grid
Keep investing in the locks, of course. But recognise their limitations.
The latest generation of smart energy grid security solutions offer mechanisms to identify the threat of attack, identify reconnaissance by the cyber-criminal, identify an actual attack taking place and identify a breach of the protection layer.
These tools apply an understanding of how cyber-criminals will exploit systematic, technology, human and process weaknesses which are specific to the smart energy grid. Using pattern detection, they highlight a developing security incident.
No one wants a burglar alarm which goes off too early
The most advanced smart energy grid detection solutions will start watching suspicious activities, but only bring you into the picture once something is worthy of attention. At the same time, they retain the history (let’s call it evidence) that was building up whilst it was just a suspicion.
Detection becomes deterrent
Because these systems monitor all the suspicious activities associated with an incident, it becomes possible to back-track through the history of attack and find the starting point, and that may be the information which associates the attack to an inpidual. What better form of deterrent – a burglar alarm for the smart grid that takes of photo of the potential criminal when they are still outside your house, and then tracks them as they work through your layers of protection.
When do you buy a burglar alarm for the smart energy grid?
When the indicators are telling you that protection isn’t enough, and when innovative solutions for smart energy grid threat detection and response are entering the market.
NES Grid Watch augments the smart energy grid protection layers with threat detection and response capabilities.