Physicist Dr. Stephan Beirer is an expert in information security for process control and automation systems. He specifically advises medium and large industrial and utility companies, professional associations and manufacturers.
"Digitalization of the power grids will only work with comprehensive security measures"
In this interview, Dr. Stephan Beirer of the information security consulting firm GAI NetConsult explains why cybersecurity must be considered in all aspects of the power grid.
"Digitalization of the power grids will only work with comprehensive security measures"
In this interview, Dr. Stephan Beirer of the information security consulting firm GAI NetConsult explains why cybersecurity must be considered in all aspects of the power grid.
Hacker attacks against power grids are a favorite topic for novels and films. How do you rate the threat level?
The threat is entirely real and, in my estimation, has even grown in recent years. This is evidenced not only by various media reports, such as the attacks in Ukraine around Christmas 2015 and 2016, when up to 700,000 households went without power for hours. Indicators of this in particular are also the specific, non-public warnings from security agencies to the operators. These types of warnings are not given for no reason.
What kinds of attacks on the energy supply are most likely?
If we are talking about targeted attacks, these are scenarios where an attacker specifically tries to take control of the supply, for example by triggering unauthorized switching operations. If such an attack on the grid infrastructure were successful, the worst case is that it would cause a power outage. As more and more interfaces are being created with end consumers – the keywords here being smart metering, control boxes and electromobility – attacks on the technology installed at the consumers' location and their personal data can also be expected in the future.
700,000
households in Ukraine went without power due to a hacker attack.
Who is behind these large-scale cyber attacks on power grids?
Based on our current knowledge, the greatest threat comes from governmental or semi-governmental actors. They have the vast resources needed to carry out such a complex attack. Extortion scenarios by organized cyber criminals are also conceivable. Even though the media often reports on the possibility of terrorist attacks against our power grids, I consider this danger to be currently relatively unlikely.
What do these cyber risks mean for the progressive digitalization in the energy sector?
All digitalization of the grids and the broad networking associated with it are only possible if extensive security measures are taken into account. No one would think to take a vehicle to market without brakes. However, like everywhere in life, cost is also a significant factor in the information security sector. Operators of critical infrastructure already have to accept significantly higher expenses than a small public utility for legal reasons. However, economic considerations must not be limited to security measures; they must include the entire application. Whether the increased convenience and efficiency of app access from a cell phone to station control technology justify the extensive security measures that are then necessary must be decided on a case-by-case basis.
The issue of cybersecurity permeates all automated industrial sectors, but especially energy supply.
How will the issue of cybersecurity in power grids continue to develop in the future?
In recent years, information security has developed from a special problem into an issue that permeates all of technological society, and so of course also all automated industrial sectors, but especially energy supply. In the future, both manufacturers as well as operators will try to develop and implement standardized solution concepts. However, since there are always more complex application scenarios in IT and control technology and attackers are developing new methods, the topic will not lose importance.
Cybersecurity @MR
At MR, the issue of cybersecurity is considered and implemented for all components from the start. To this end, MR is continuously working on high product security, always optimizing its processes with regard to security and maintaining thorough risk management. MR's own Cybersecurity Emergency Response Team (CERT) is the central contact for all questions on the topic of IT security. The MR specialists advise customers and are involved in the development of a product from the start. In this process they define, among other things, which standards and guidelines must be taken into account for a corresponding project.
