
Power Grid Attacks: What to Know About This New Threat

September 21, 2023 - Ellie Gabel

Revolutionized is reader-supported. When you buy through links on our site, we may earn an affiliate commission. Learn more here.

Cyberattacks can target any industry, but some sectors are more vulnerable than others. The risk of a power grid attack has emerged as one of the most concerning threats as the energy sector has embraced digitization.

Physical infrastructure often isn’t the first thing to come to mind when thinking of cybersecurity. Despite that — and partially because of it — the nation’s energy grid has become a prime target for cybercriminals, especially as digitization increases. Here’s everything you need to know about these attacks, what they could do and how to stay safe.

What Is a Power Grid Attack?

A power grid attack is any act that tries to affect how the energy grid operates. That includes physical attacks like cutting key power lines or vandalizing substations and the newer threat of cyberattacks against connected energy infrastructure.

The latter of those attack types is becoming increasingly concerning. The Infrastructure Investment and Jobs Act allocates $65 billion to upgrade energy infrastructure, fueling a wave of digital transformation. As more grids feature Internet of Things (IoT) systems and other digital technology, they become vulnerable to cyberattacks.

IoT devices like smart transformers let utility companies monitor and adjust power delivery remotely. That’s a big advantage, but it also means cybercriminals could hack into these endpoints to gain the same control. From there, they could shut off power in some areas or overload the grid in others.

What Could a Power Grid Attack Do?

Grid cyberattacks fall into three threat levels of increasing severity. At the least extreme, attackers can steal company data or the personal information of utility employees. At their most threatening, power grid attacks could give cybercriminals full control over an area’s energy infrastructure.

If a hacker gains this control, they could cause widespread damage. They may cause a blackout to take businesses’ security offline, making it easier to commit other crimes. Alternatively, they could cut off power to hospitals and other emergency services, putting people’s lives in danger.

Extreme blackouts in the past highlight the importance of keeping the grid running. A massive blackout in Texas in 2021 caused at least 57 deaths and $195 billion in property damage. It would take a perfect storm of conditions for a cyberattack to do the same. Still, outcomes like that become more likely as the grid relies more on hackable technology.

How Likely Is This Threat?

Power grid attacks are more than just a theoretical threat, too. Both cyber and physical attacks on energy infrastructure are already a reality, and they’re becoming more common.

Physical grid attacks rose by more than 70% between 2021 and 2022. In one of these instances, attackers shot power substations in North Carolina to cut off power to 45,000 people. While most other attacks didn’t disrupt anyone’s power service, authorities expect severe ones to grow.

Cyberattacks against the grid are also rising. Globally, the energy industry accounted for 10.7% of all cyberattacks in 2022, the fourth-most of any sector. If you focus on North America, energy was the most-targeted industry, accounting for 20% of all attacks. As IoT adoption in the sector increases, these attacks will become more viable for cybercriminals, likely encouraging further growth. 

How Can We Prevent Power Grid Attacks?

In light of this growing threat, cybersecurity must become a priority for the nation’s energy infrastructure. Thankfully, protection is possible. Here’s what better grid cybersecurity would look like.

Employee Training

Requiring all utility employees to undergo cybersecurity training is one of the most important steps. The vast majority of security issues stem from human error, as cybercriminals often target human vulnerabilities over technical ones. Employees are more likely to fall for spear phishing than an advanced anti-malware system is to overlook suspicious code.

Anyone with any sort of access to energy IT systems needs a thorough understanding of good cyber hygiene. That includes things like using strong, unique passwords, enabling multi-factor authentication (MFA) and never giving away sensitive information over email. Learning how to spot and avoid falling for phishing attempts is also important.

Power grid attacks are too threatening to assume even experienced employees won’t make mistakes. Consequently, utility companies should also give all employees regular re-training sessions and assessments to ensure they don’t become complacent about security. 

Technical Defenses

Power grids also need strong technical cybersecurity controls. Advanced anti-malware software and email filters that prevent phishing attempts are a good start, but these defenses must go further.

IoT security is one of the biggest gaps to address. Attacks against IoT devices rose by 87% in 2022, and these endpoints often give hackers access to critical systems they may otherwise be unable to get into. To prevent these attacks, energy companies must encrypt all IoT traffic, use strong passwords to access these devices and segment networks to ensure one endpoint can’t provide access to the whole grid.
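The segmentation requirement above can be checked mechanically. The following is an added example, not part of the original article: it models firewall policy as directed zone-to-zone allow rules and searches for any chain of rules that lets an IoT zone reach a control zone. The zone names and both sample policies are constructed for illustration.

```python
from collections import deque

# Constructed sample policy (hypothetical zone names): each pair allows
# traffic to be initiated from the first zone into the second.
SEGMENTED = [
    ("field_iot", "iot_gateway"),
    ("iot_gateway", "historian"),
    ("corporate_it", "historian"),
    ("engineering", "control_center"),
    ("control_center", "substation_rtu"),
]
# Same policy plus one "convenience" rule letting the historian query control.
FLATTENED = SEGMENTED + [("historian", "control_center")]

def find_path(flows, src, dst):
    """Breadth-first search: shortest chain of allowed flows from src to dst."""
    graph = {}
    for a, b in flows:
        graph.setdefault(a, []).append(b)
    queue, parent = deque([src]), {src: None}
    while queue:
        zone = queue.popleft()
        if zone == dst:
            path = []
            while zone is not None:
                path.append(zone)
                zone = parent[zone]
            return path[::-1]
        for nxt in graph.get(zone, []):
            if nxt not in parent:
                parent[nxt] = zone
                queue.append(nxt)
    return None

def audit(flows, untrusted, protected):
    """Return {(untrusted, protected): path} for every reachable pair."""
    findings = {}
    for u in untrusted:
        for p in protected:
            path = find_path(flows, u, p)
            if path:
                findings[(u, p)] = path
    return findings

if __name__ == "__main__":
    for name, policy in (("segmented", SEGMENTED), ("flattened", FLATTENED)):
        result = audit(policy, ["field_iot"], ["control_center", "substation_rtu"])
        print(name, result or "no path from IoT to control zones")
```

No rule in the flattened policy connects the IoT zone to the control zone directly; the exposure only appears when rules are chained, which is why the audit follows transitive paths rather than inspecting rules one at a time.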

Autonomous monitoring technologies are also necessary. AI can spot and isolate suspicious behavior before human workers notice anything. Employing these systems will help power companies stop attacks that do get through before they can cause much disruption.

Redundancy

Energy utilities must also recognize that it’s impossible to predict every emergency. Cybercriminals are too crafty and the consequences of a power grid attack are too severe to assume nothing will ever get through these defenses. Given that risk, grids need redundancy to minimize attacks’ impact.

Backup generators and substations can provide power if a cyberattack takes the primary infrastructure offline. Grid operators should also maintain backups of their internal IT systems and data to ensure they can still respond to an emergency if their main system goes down. Data backups will also minimize the impact of a ransomware attack.

These backups, both physical and digital, must be separate from the main system with their own security and access channels. That way, an attack against one part of the grid won’t affect another.

Power Grid Attacks Highlight the Need for Better Security

Power grid attacks are a real and concerning threat. The U.S. needs modernized energy infrastructure, but if it doesn’t improve grid cybersecurity at the same rate it embraces the IoT, modernization will be risky.

Better grid cybersecurity will ensure the nation can upgrade its energy infrastructure without becoming more vulnerable to cyberattacks. When that happens, people can enjoy the safe, reliable electrical service they need.


Author

Ellie Gabel

Ellie Gabel is a science writer specializing in astronomy and environmental science and is the Associate Editor of Revolutionized. Ellie's love of science stems from reading Richard Dawkins books and her favorite science magazines as a child, where she fell in love with the experiments included in each edition.
