The Growing Digital Vulnerabilities of the Power Generation Sector

Presentation Description: Today’s power plants are controlled by complex digital systems that monitor and adjust using algorithms and predictive routines. More of our electricity is generated by large solar and wind farms, often not supported by on-site personnel. As a society, we crucially depend on a reliable electric system. With this dependency, we have become vulnerable to any disturbances to the availability of electric power supply. As we rely more on the electric grid, the power plants that anchor the critical network have increasingly come under attack by bad actors seeking to wreak havoc and extort payments in exchange for returning the affected plant to service. While the importance of our electrical grid has increased, cyber-attacks nature has become less sophisticated and costly to perpetrate, all the while seeking to exploit larger attack surfaces. In response to this situation, the Department of Energy asked Congress for a $201 million budget request to address digital vulnerabilities after various cyber-attacks this year.

Two types of networks that support power plants are classified as either IT business networks or operation technology networks. This separation is designed to ensure that no malware or bad actors on the business network wormhole their way into the critical control networks. While these two systems are distinct, they both utilize digital networks and are vulnerable to attack.

Join Julian Kaufmann, Senior Vice President of CAMS Corporate Development, in this presentation to discuss:

• Reasons bad actors attack electric grid and NERC Compliance roles in protecting power plants
• Common attack vectors and how power plants can prevent and protect themselves from digital vulnerabilities

Methodology: Case studies and past examples of cyber-attacks on power plants and solution recommendations.