Cyberattacks on Power Systems

Abstract

Power grids are undergoing a fast-paced process of digitalization for enhanced monitoring and control capabilities and grid intelligence. However, the increased integration of digital technologies, such as the next generation of operational technologies (OTs) and digital substations, implies a new risk as information technology (IT)-OT systems are vulnerable to cyberattacks. Furthermore, the combination of heterogeneous, co-existing smart and legacy technologies generates significant vulnerabilities and security challenges. Examples of cybersecurity incidents related to power grids already exist around the world. On December 23, 2015, cyberattacks were conducted on the power grid in Ukraine that resulted in power outages, which affected 225,000 customers. More sophisticated cyberattacks on the Ukrainian power grid followed on December 17, 2016, resulting in a power outage in the distribution network where 200 MW of load was unsupplied. The complexity of cyberattacks on power systems is likely to increase. This chapter provides the state-of-the-art and essential knowledge of threats and cyberattacks on power systems. This chapter reviews major cyberattacks on power grids and industrial control systems. A detailed taxonomy of cyberattacks is provided. Power grid vulnerability to six main types of cyberattacks is discussed, that is, phishing, malware, network-based attacks, man-in-the-middle attacks, host-based attacks, and denial of service. The impact of cyberattacks on grid operation is analyzed in terms of loss of load, cascading effects, and equipment damage. A case study of a cyberattack scenario and simulation results are provided.