Increasing reports that hackers are breaking into electrical grids in cities around the world are not new, but recent attempts to extort ransom money mean better cyber protection is required.
That’s the view of behavioural analysis software security specialist Tier-3.
“The assertion by the CIA’s senior analyst Tom Donahue that hackers are breaking into power grid computer systems is something that is not uncommon in this sector,” comments Geoff Sweeney, Tier-3’s CTO.
“The computerisation of power grids goes all the way back to the 1980s and hackers, often working with inside knowledge of the computer systems involved, have been trying to down power system ever since remote modems were hooked up to those systems,” he adds.
According to Sweeney, even though remote control systems for power grids have been around for two decades, utility companies that are using traditional technologies, such as firewalls and anti-virus, are not doing enough to protect the SCADA and control systems that run the critical national infrastructure from new threats from cyber criminals and terrorist attack.
“The problem is that, as hacker techniques are evolving, the utility companies need to move beyond investing in outdated security technology. They should also be looking at installing multiple defence systems, including behavioural anomaly technology capable of spotting hacker activity before it can do any damage,” he says.
“The days of installing a single tier protection to protect a critical system, such as a power grid, are long gone. Utilities need to look at multiple lines of defence,” he adds.