Illustration: Eniola Odetunde/Axios
A smarter, more connected electrical grid is more efficient and more resilient against natural threats — but more vulnerable against cyberattacks.
Why it matters: As electricity shifts to more distributed and intermittent renewable sources, updating the grid has become a necessity. But unless cyber defense keeps pace, digitizing the grid will also open up new points of approach for cyber threats.
By the numbers: Over the next two years, 2.5 billion industrial devices are set to be connected to the energy industry's critical infrastructure, a sign that the 20th century U.S. electrical grid is finally entering the 21st century.
- But as the grid is connected to the internet, it will be exposed to the same kind of cyberattacks that have become a regular part of online life. The difference is that a cyberattack on something as vital as electricity service would have enormous real-world implications.
- "The attack surface is increasing," says Leo Simonovich, global head of industrial cyber and digital security at Siemens Energy. "At the same time, the cost of attacks have gone down and are being deployed by sophisticated actors like nation-states."
Flashback: In March 2019, the U.S. power grid was hit for the first time by a cyberattack that affected several Western states, though there was no disruption to service.
How it works: Simonovich says that "you can't protect what you can't see," so the first step to defending the grid against cyberattacks is improving visibility into operations.
- The company last week launched an AI-based Managed Detection and Response system that can sift through billions of data points to determine "what is not normal and understand the context" of a possible attack, he says.
- Context is vital — unlike online systems, real-world infrastructure like the grid can't be easily turned on and off every time there's a potential cyberattack.
- Siemens Energy is working with utilities including the New York Power Authority to implement its defense system.
What to watch: Whether the prolonged period of remote work caused by the pandemic leads to an increase in cyberattacks on the grid, as it already has with wider ransomware attacks.