The December 2022 issue of IEEE Spectrum is here!

Close bar

Sharp Rise in Cyber Attacks on Grids Is Reported

And the situation will get worse, the smarter the grid gets

2 min read
Sharp Rise in Cyber Attacks on Grids Is Reported

McAfee, a network security firm in Santa Clara, Calif., and Georgetown University's Center for Strategic and International Studies (CSIS) have issued a report documenting a high rate of cyber attacks against the electric power grids in 14 countries surveyed. Of 200 IT executives questioned, 40 percent thought vulnerabilities had increased, 30 percent thought their companies were not adequately prepared, and 40 percent expected a major attack in the next year.

Four fifths of the respondents said they have faced major denial of service attacks, and a quarter said they have experienced attacks tied to attempts at extortion. Between 60 and 80 percent of the respondents in India and Mexico, the countries most afflicted by extortion, said they had suffered such attacks.

The report, commissioned by McAfee and prepared at CSIS, covered oil, gas, and water infrastructure, as well as electric power systems. It found that China, Italy, and Japan to be best prepared for cyber attacks, but Brazil, France, and Mexico to be lagging. Communication between governments and network operators was found to be wanting in Spain, the United States, and the UK.

There was a general sense that as more sophisticated communications and computing are integrated with power systems, consistent with the smart grid vision, things will get worse before they get better.“What we are learning is the smart grid is not so smart,” said Phyllis Schneck, vice president and chief technology officer for public sector at McAfee. “The fact is that most critical infrastructure systems are not designed with cybersecurity in mind, and organizations need to implement stronger network controls, to avoid being vulnerable to cyberattacks.”

As the Financial Times commented in a story about the McAfee-CSIS report, the findings amplify concerns highlighted by last year's Stuxnet, the ultra-sophisticated cyber weapon that was designed to disable uranium enrichment centrifuges in Iran--and did so--but also penetrated power grids and control systems all over the world, albeirt without doing any damage. A New York Times report discusses efforts in the United States by FERC and NERC to disseminate checklists and establish power industry practices to address cyber threats to the grid.

The Conversation (0)
This photograph shows a car with the words “We Drive Solar” on the door, connected to a charging station. A windmill can be seen in the background.

The Dutch city of Utrecht is embracing vehicle-to-grid technology, an example of which is shown here—an EV connected to a bidirectional charger. The historic Rijn en Zon windmill provides a fitting background for this scene.

We Drive Solar

Hundreds of charging stations for electric vehicles dot Utrecht’s urban landscape in the Netherlands like little electric mushrooms. Unlike those you may have grown accustomed to seeing, many of these stations don’t just charge electric cars—they can also send power from vehicle batteries to the local utility grid for use by homes and businesses.

Debates over the feasibility and value of such vehicle-to-grid technology go back decades. Those arguments are not yet settled. But big automakers like Volkswagen, Nissan, and Hyundai have moved to produce the kinds of cars that can use such bidirectional chargers—alongside similar vehicle-to-home technology, whereby your car can power your house, say, during a blackout, as promoted by Ford with its new F-150 Lightning. Given the rapid uptake of electric vehicles, many people are thinking hard about how to make the best use of all that rolling battery power.

Keep Reading ↓Show less