Utility companies are predicted to spend $14bn on security upgrades to smart grids between this year and 2018 as the industry “plays catch-up” on cyber crime.

A report published today by cleantech analysts Pike Research called Smart Grid Cyber Security found that last year’s Stuxnet computer virus, which targeted Siemens industrial software and systems running with Microsoft Windows, made power firms realise that their so-called smart equipment was vulnerable to attack.

This week it was also revealed that a new Stuxnet ‘clone’ called Duqu, also apparently targeted at SCADA systems, has infected computers at European organisations.

“Smart grids need intelligence or they are not smart,” said Pike’s senior analyst Bob Lockhart. “Adding that intelligence to grids will increase their attack surface and utilities know this. But the industry is still playing catch-up to the threats facing power grids: the greatest needs lie in securing control system segments including transmission upgrades, substation automation, and distribution automation.”

But Lockhart added that despite this, “many cyber security vendors are still focusing on IT security functions such as smart meter security, revealing a critical gap between current security offerings and the needs of the market”.

And he had a grave warning for power companies. “Cyber security is still way behind the attackers. Even where strong countermeasures exist, they are not consistently deployed, and most sophisticated attackers look at smart grids from a systemic perspective while often the defences have been installed in piecemeal fashion, without an architecture. This hands an enormous advantage to the attackers, one that the utility industry will grapple with neutralising for years to come.”

For more smart grid news click here