Smart grids ‘at risk of cyber attack’

Connected power grids will democratise electricity supply, but they could be more vulnerable to cyber attacks, according to experts.

As consumers increasingly harness their own energy using solar panels and other renewables, technology will enable them to sell it directly to each other. “Advances in digitalisation are making that easier and easier,” said Chris Goodall, clean-energy analyst and author of The Switch.

However, because these power sources are connected to the internet, they could be open to new threats. Transforming the existing electrical grid into a smart grid is dependent on existing communication protocols and operating systems, said Nilufer Tuptuk from University College London’s Security Science doctoral centre. “However,” she told Professional Engineering, “these also inherit the vulnerabilities of these products which are well-known to attackers as they are already widely used in other business and home applications.”

Hackers have already caused damage to connected devices. In 2015, an attack on Ukraine’s energy grid left 225,000 people without power, while in 2016 a similar attack also took out the energy company call centres so people couldn’t find out what had happened.

Often critical systems are ‘air gapped’ – kept totally separate from the internet – but that may not be enough to protect them, said Tuptuk, as demonstrated by the Stuxnet attack on the Iranian Natanz nuclear facility.

She said the smart grid is “one of the most complicated planned network infrastructures in existence,” and that securing the infrastructure must therefore be a collaborative effort between energy operators, public bodies, academia, industry and regulators. 

Content published by Professional Engineering does not necessarily represent the views of the Institution of Mechanical Engineers.