The attack didn’t target grid operations but could have
Experts say the apparent financial motivation leads them to believe the attackers weren’t targeting grid operations. “These bad guys were looking for compute devices that they could use to do computer internet-related types of extortion,” Thomas Tansy, CEO of DER Security, tells CSO. “From that standpoint, the fact that they hijacked a contact would be no different than bad guys hijacking industrial cameras, home routers, or other devices that are connected to the internet. The intent of the attack was not to compromise the power grid. It was to extort money.”
However, if the hackers had been motivated to disrupt the power grid, they could have exploited these unpatched devices for more malevolent purposes, Tansy says. “Could an adversary pivot and say, ‘We’re no longer interested in extorting people directly, we’re interested in interrupting power on the grid?’ Sure. If they had the expertise to do that, the fact that they’re inside the system gives them the opportunity. Of course, they’d have to have the skills and the know-how to pull off, but at that point, the barbarians are inside the gates.”
Access to monitoring systems will grant some level of access to the actual photovoltaic installation, Willem Westerhof, group supervisor at Secura, tells CSO. “You effectively have local network access. You could try, instead of doing what they did, you could try to leverage that access to attack anything that’s in the same network.”
Attackers could gain access to a central control system
Such networks usually have a central control system, which, if infiltrated, could allow attackers to take over more than a single solar park. “Based on what I’ve seen, this specific monitoring equipment also has the option to, for example, shut down the photovoltaic installation,” Westerhof says. “So, you could shut down and start up a solar park this way. I don’t think the grid will get completely shut down, given the scale of the attack and available countermeasures, but it’ll probably make some people responsible for grid balancing very nervous if you start shutting these down or repeatedly cycling them on and off.”
Nonetheless, grid-scale solar installations, such as those that utilities increasingly use to fuel their power supply, likely have sufficient protections built into their networks to thwart this kind of attack.
Necessary security safeguards such as “NERC-CIP starts to apply depending on how big it is and how impactful the installation is,” Andrew Ginter, VP of industrial security at Waterfall Security Solutions, tells CSO. “And you tend to see more rigorous cybersecurity being applied just because it makes good business sense. If you have a dozen solar farms, each of which is producing 300 megawatts of power, a utility is monitoring these things.”