Between The Lines: This Tech Can Help Protect The Power Grid From Hackers

If Thomas Edison had looked at blueprints for many modern electrical grids as recently as 15 years ago, he may have spotted many similarities to the system he designed. But after more than a century of moving electricity the same way, the industry has begun to change. Today, sensors on transformers can detect if the equipment is at risk of failing and send an alert to operators miles away. Tiny computers attached to different points on the grid can help forecast and control energy resources. And smart meters in our homes can alert us when to turn lights off to save on electricity costs.
All of that is possible because of digitization — the process of bringing technology including sensors, cloud computing and artificial intelligence (AI) to electrical grids around the world. But while these technologies allow utilities to distribute energy more safely, reliably and affordably, they come with a disconcerting side effect. All that data steadily flowing through the network leaves smart grids vulnerable to a new kind of attacks.

In 2015, for example, hackers disrupted power services to 225,000 users in Ukraine. Two years later, a ransomware virus infected Ukraine’s grid again and spread through parts of Europe. Then, last March, crooks caused utilities in the western United States to lose communications for about 10 hours. “Every year, there is an incident that’s impactful enough to prompt more people to pay attention to [security issues],” says Claudia Cosoreanu, who oversees security concerns as executive director of global engineering services and advanced automation applications for GE Grid Solutions, a unit of GE Renewable Energy.

width=

Sensors and data are making the grid smarter and more efficient, but utilities need to prepare for new challenges. Top and above images credit: Getty Images.

In January, Cosoreanu was in San Antonio, Texas, at DISTRIBUTECH International, the leading annual electricity transmission and distribution event, where grid security was also a hot topic. For more than a decade, she and other experts from the GE unit have helped keep customers safe by providing products and consulting services that can help them detect vulnerabilities in utility grids, address those weaknesses, and train personnel how to stay on the lookout for potential threats.

For instance, one utility was concerned about hackers trying to penetrate its operations. To fortify its system, GE consultants installed a network intrusion detection system, which uses AI to learn typical patterns of communication, such as when substations report outages to service providers, and alert operators if communications deviate from those patterns — a sign of a potential hack.

Another customer worried about threats from personnel. “One of the biggest threats is disgruntled employees,” says John McDonald, who leads smart grid business development for GE Grid Solutions. “The risk is that this disgruntled employee has passwords and access privileges and knows how to cause the greatest impact to their grid and the utility’s customers.” To that end, GE consultants recommended a password vault that makes passwords obsolete much more frequently.

With more people working remotely, there’s a heightened risk that employees could lose their smart devices, inadvertently leaving sensitive material in, say, the airport. That’s why GE Grid Solutions advised another utility to create a centralized system that records every time users log in or out of their devices — acting like the old-fashioned ledgers in the lobbies of office buildings and alerting the utility of suspicious activity.

However, no software is as valuable as employees who can react calmly and wisely in an emergency. To train utilities what to do in a worst-case scenario, GE consultants delve into the details of past crises. For instance, one customer ran through the anatomy of the attack in Ukraine three years ago, breaking down the steps hackers took to plan and launch the attack over a nine-month period. The IT team then simulated various attacks, like sending out phishing emails, to make sure employees knew how to respond.

Eliminating attacks is probably an unrealistic goal. Instead, utilities need to be as armed as possible to repel and mitigate the inevitable.

Company news and announcements.

Stories from the world of GE.

Sign up today and get involved!

Company news and stories.

GE Company Overview.

Stock.

Investor events and reports.

GE in the news.

SEC filings.

Spin-off resources

Annual Report.

Annual meeting

Governance.

GE Shareholder Services.

Contact us.

Investor Relations at GE.

Meet our executives.

Over 125 years of innovation.

Building a world that works for everyone.

Advancing the future of energy.

Environmental, Social and Governance at GE.

Frequently asked questions.

Questions and inquiries.

GE is supporting the fight against COVID-19.

Building a world that works.

Explore careers at GE.

A career at GE is more than the work you do.

GE's culture of inclusion.

Join the team.

We're built to be your full-service additive partner.

Advancing flight for future generations

Serving customers and markets aligned to GE’s businesses.

Putting industrial data to work.

Powering forward.

Wind, hydro, hybrid power, distributed by grid.

Where research meets reality to propel GE and the world forward.

Partnering to define the future of industries.

Inventing the future of industry.

News

News

Press Releases

GE Reports

Voices

Investors

Investors overview

GE company overview

Stock

Events & reports

IR Updates

SEC filings

Spin-off resources

Annual report

Annual meeting

Governance

Shareholder services

Contact

About us

About us

GE leadership

History

Diversity

Energy Transition

ESG

FAQs

Contact us

COVID-19

Careers

Careers

Search jobs

Working at GE

Inclusion & Diversity

Businesses

Businesses at GE

Additive

Aerospace

Capital

Digital

Power

Renewable Energy

Research