How Could Hacking Impact My Electricity?
From data breaches into retail giants like Target to credit reporting agencies like Experian, the word “hack” has become commonplace in news alerts across the globe.
Because of the frequency, it could be easy to grow desensitized to the threat and consequences a hacking event can have on a person and/or organization. The good news is your electric cooperative protects the electric grid against cyber security threats every day. October is National Cybersecurity Awareness Month, and we have consulted Michael Meason, senior manager of information and security at Western Farmers Electric Cooperative, based in Anadarko, Oklahoma, to show how your cooperative is keeping your electricity safe.
Q: What is “hacking?”
The term “hacking” has been historically used to describe activities associated with inquisitive people discovering how things work. Hacking has traditionally been an exercise of immersion in a topic of interest which ultimately leads to a detailed understanding of how a product or process is designed to work, and how one can make it work in ways the designers never considered it could work.
The contemporary connotation associated with hacking has a derogatory slant to it and is now the generally accepted notion that “hacking” is malicious. People should care about hacking because the reliance upon technology in our everyday lives is so pervasive that the subversion of technology can produce some pretty risky results, whether that be in the power grid, self-driving cars, or the global positioning systems (GPS) systems that we rely upon.
Q: The original infrastructure of the grid was developed for physical threats in mind (weather, vandalism, etc.). As the grid continues to become “smarter,” what do cyber threats look like?
Unfortunately, the cyber threats to a modernized grid infrastructure are more serious than they have ever been. However, there is more focus on operational cyber security at this time than ever before. It is an identified issue that the industry is expending a lot of resources to address. We are working very hard to continue to address the core business concerns of delivering electricity to members while paying close attention to important issues like cyber security as well as other emerging topics.
Q: Why would an individual or group want to attack to the electric grid?
Motivations will vary for each potential threat actor. An “actor” is a general term we use to imply “bad guys” or “adversaries” in the industry. We believe the threat which could have the greatest impact on the electric grid as a whole would be a nation state or state sponsored actor. The motivations of nation states or state sponsored actors are typically related to political or geo-political objectives, or the furtherance of capabilities in the cyberspace realm that could enhance kinetic or military operations. However, the United States government has developed cyber warfare capabilities that serve as a major deterrent against nation state actors perpetrating a major attack such as that which would be required to attack an infrastructure as pervasive and critical as the power grid in the United States.
Q: How does Western Farmers Electric Cooperative defend against cyber threats?
We have a team of people that focus on WFEC compliance with all relevant cyber security regulations as well as the actual security of our critical infrastructure and the posture of our organization as a whole. Our security team stays focused on their part of the larger mission of affordable and reliable power for Oklahomans. We do that by developing important capabilities within our security team, like variation monitoring.
Within typical cybersecurity, an organization is constantly on the lookout for an event to happen. Your team has to be supremely informed of every aspect of the system to be able to recognize the event. If you get someone who has a novel approach they can implement an attack in a way you haven’t seen or won’t be recognized. Our focus is not monitoring solely for the events but looking for variations in our system that indicate a threat could occur.
Western Farmers Electric Cooperative takes the defense of our critical infrastructure against cyber threats very seriously. The most important thing we can do at WFEC is to reliably generate and deliver power to our member-owners for distribution to homes and businesses in Oklahoma.
To see more about National Cybersecurity Awareness Month and to learn how to better protect your own data, visit https://staysafeonline.org/ncsam/.