A cyberattack cannot take down the electric power system

25.11.2022

Can the Finnish electric power system withstand cyberattacks? Could a hacker hacking into data processing systems cut off the electricity in Finland? Tuukka Heikkilä, a cybersecurity expert in the energy industry, assures: The electric power system is strongly protected.

According to Tuukka Heikkilä, critical Finnish infrastructure companies—such as energy companies—have worked hard and successfully to secure their data processing systems.

“We also have evidence of the success of this work, as cyberattacks have not caused significant damage and hackers have not been able to access critical societal functions. The Finnish electric power system is also safe,” he assures.

Knocking on data processing systems

According to Tuukka Heikkilä, hackers are constantly knocking on data processing systems and looking for vulnerabilities that could be exploited. More detailed information about the knocking is often not publicly disclosed.

A well-known example of what a cyberattack can do to electric power systems is what happened in Ukraine in 2015. The electricity suddenly went out in the western part of the country on the eve of Christmas Eve. Around 230,000 people lived in the area of the outage.

The electricity was out for approximately six hours at most. It was clear immediately after the outage that it was caused by a cyberattack that had been planned well in advance and was well-prepared, and was executed using several malware programs. The attack was successful, even though the Ukrainian network was considered to be very well protected.

There is no definite information about the people responsible, but strong suspicion immediately fell on the Russian state and hacker groups working with it.

Increased susceptibility to attacks

Today, advanced data processing systems control almost everything—including electricity generation and distribution. Thanks to them, the electricity network is smarter, too. In addition, the industry utilises a variety of remote access solutions. All of this offers a lot of benefits. However, this means an increased susceptibility to cyberattacks.

According to Tuukka Heikkilä, a variety of offenders are behind the attacks.

“They include teenagers letting out their frustrations, professional criminals, and state intelligence services. The motives and resources of the offending groups vary greatly,” he explains.

Heikkilä explains that a typical cyberattack progresses as follows: First, the intruder enters the data processing system using malware, which lies in wait in the depths of the system. Sooner or later, it becomes active and begins its destruction.

Disconnecting the data processing system from the internet

How then can cyberattacks be protected against?

According to Tuukka Heikkilä, the most secure way is to disconnect critical data processing systems from the internet, through which different computer worms and malware can be fed into the systems. There has been a lot of defederation done in Finland.

However, a data processing system is not necessarily protected even if it is disconnected from the internet.

“An infected memory card, for example, could inadvertently be connected to the system. Or a phone runs out of charge and is connected to a computer for additional power,” explains Heikkilä.

In practice, cybersecurity could be dependent on one person. That is why it is important to train employees.

Tuukka Heikkilä also notes that connecting data processing systems to the internet often brings such great advantages that it makes sense to do it despite the risks. The internet also conveniently makes remote work and remote access, for example, possible.

No more coconut shell

Overall, the philosophy of securing data processing systems has changed in recent years. In the past, attempts were made to build as strong a shell as possible around them using different solutions.

“They tried to shield the systems with coconut shells, through which nothing harmful would get through,” Heikkilä describes.

Today, we recognise that it is impossible to fully protect data processing systems—sooner or later something will be able to penetrate them. However, the system must be able to continue operating despite an infiltration.

Heikkilä, an expert, emphasises that cybersecurity maintenance must not be cease for a moment—work must be done continuously. Cybersecurity is also not free, it requires investment. He offers one more piece of advice:

“Keep your computer and phone up-to-date with security updates. These updates patch the gaps that cyberattackers could exploit.”

 

Read more about how Oulun Energian Sähköverkko Oy is prepared for different extraordinary circumstances.

The article was originally published in the Oulun Energia customer magazine in February 2022. Text by Kari Arokylä.