A rush towards ‘Smart’ technology, without an associated hike in security, is laying the power sector open to devastating cyber attacks, warns the head of a UK-based security specialist.

While recent attacks on Saudi Oil Co. and Qatari Rasgas have highlighted risks from malware, power firms underestimate the dangers in interactive technology, says Chris McIntosh, CEO of ViaSat UK.

Chris McIntosh of ViaSat UK

‘The power sector has been quick to adopt internet connectivity into their systems,’ he told PEi. ‘However, it has been slow to adopt improving levels of security and this is where the issue lies.’

Attackers have already shifted their attention to vulnerable substations, as any ‘easy route onto the power network’, he said. But risks are now ratcheting up as web-connected smart meters create even more points of entry.

‘The end result is essentially a spider’s web with every strand a viable point of entry,’ he said.

Attacks on power assets are showing ‘a high degree of professionalism and funding’, he added.

‘The power industry now more than ever needs to avoid becoming complacent,’ he said. Despite the financial sector’s advanced safeguards, 75 per cent of the world’s largest banks were infected with malware last year, he added.

‘Cyber attacks also have the potential to create more serious damage than outages, the overloading of power stations to cause explosions being one possibility,’ he said.

To counter an ‘alarming rate’ of cyber attacks, power firms should tackle the inherent risks of interconnected real time control systems with measures such as data encryption and rigorous authentication protocols, he added.

For more Smart Grid news