Could hackers really take down the power grid? High-tech criminals wreaking havoc on critical infrastructure is a staple of Hollywood thrillers – but how realistic is this threat? We ask cybersecurity expert Ghasan Bhatti. Security © urbans78/stock.adobe.com Those responsible for the security of Europe’s critical infrastructure – such as national power grids, health services and transport networks – are racing to stay one step ahead of the increasingly sophisticated threats faced from the cyber realm. In March, an EU-NATO Task Force to strengthen the resilience and protection of critical infrastructure was launched, with an initial focus on transport, energy, digital and space infrastructure. The initiative was prompted by the sabotage of the Nord Stream gas pipeline last year. According to Bhatti, from the digital technology company Capgemini, a key common vulnerability of much critical infrastructure is the dispersed and diverse nature of the electrical power and energy systems on which they depend. “On the one hand, for bulk energy generation we still rely on ageing infrastructure, unable to counter modern cyberattacks. On the other, increased demand for distributed energy generation and storage results in secure grids is dependent on software protection. Here, the connective infrastructure, such as smart meters or even the underlying algorithms, are likely targets,” explains Bhatti. Additionally, the interconnectedness of critical infrastructure, for example energy systems interacting with water systems, means that a cyberattack at one location may cause knock-on effects across other types of infrastructure. And of course there remains the human factor; people routinely interact with critical infrastructure as workers, consumers or prosumers, affording physical or remote access. So what is a realistic threat level for Europe? While it is widely acknowledged that threats are becoming more coordinated and sophisticated, it is hard to quantify how successfully attacks are thwarted, outside of specialist security circles, due to the clandestine nature of the work. “Past high-profile attacks include the Nord Stream gas pipeline attack and the Ukrainian blackout of 2015. The impact of attacks could be severe, depending on the targeted infrastructure and intention of the attack. Lives could be lost if transport networks or healthcare services are severely disrupted, for example,” adds Bhatti. On the plus side, according to Bhatti, the scale, scope and complexity of Europe’s power grid means that it would be hard for a small rogue group of hackers to disrupt it. Hackers would face not only a collective pan-European response but also the defensive arsenal of individual countries. Added to which, previous cyberattacks have alerted authorities to specific vulnerabilities, prompting investment in more effective preparedness measures. Similarly for small targeted attacks on the power of a specific building or area. “Power operators have processes in place to prevent access to their systems and even in the unlikely event that an attack succeeds, backup systems would be activated,” notes Bhatti. Discovery, response and recovery Currently, system and distribution operators cooperate with authorities, at national and European level, to share threat information. Bhatti coordinated an EU-supported project, PHOENIX, which provided insights, know-how and innovative tools to support this cooperation, making the power grid more resilient to cyberattacks. “We focused on solutions that can help electrical power and energy system infrastructure not only survive cyberattacks but continue to function in the face of disruption. This includes self-healing capabilities that can automatically detect and recover from attacks,” adds Bhatti. The solution has been validated across five European pilots involving Germany, Greece, Italy and Slovenia, with the team now looking to commercialise both individual components, as well as the whole system. The threat to Europe Despite these measures, increased digitalisation across infrastructures is expanding the scope for interference. Additionally, the war in Ukraine has highlighted the degree to which critical infrastructure can be weaponised. “I wouldn’t highlight an individual threat,” says Bhatti. “What keeps me awake at night is thinking of smart solutions to prevent cascading effects across interconnected systems.” Click here to find out more about Bhatti’s research: Shielding Europe’s electrical and power systems Keywords PHOENIX, energy, critical infrastructure, cyber, attack, hack, power grid
