Is Australia’s electricity grid at risk of Russian cyber attacks?

More than ever, we feel the impact of our electricity being cut off. For those of you who can’t go more than a few minutes without checking your smartphones, a power cut could leave you feeling lost and lonely when the last of your phone’s battery has drained.

And if it’s after dark, you won’t even be able to use the phone as a torch, as many of you may now do.

Of course, if the power outage is short, you’ll manage. But what if our electricity grid is targeted by hackers, leaving us without power for not hours but days?

Read: Could electricity become ‘too cheap to meter’?

Could it happen? Yes, and it already has – even here in Australia. As recently as late last year that Queensland electricity company CS Energy came close to being crippled when criminal Russian hackers hit it with a serious ransomware attack.

The cyber-attack was discovered on 27 November and the company informed the public about the incident a few days later. The company said that ransomware compromised devices on its corporate network, but it was quickly isolated from other internal networks, preventing the malware from spreading.

Safety and operations at its Kogan Creek and Callide power stations were not impacted, nor was power generation and delivery, or so the company said.

Read: The battle for AGL heralds a new dawn for Australian electricity

The impact of that attack was ultimately minimal, but it highlights the fragility and vulnerability of our electricity generators. With Russia now subject to its own crippling economic sanctions as a result of the invasion of Ukraine, security experts are on high alert for Russian hackers looking to retaliate by exploiting any weaknesses in the electricity grid.

Are the risks greater than they used to be?

In short, yes. As society takes increasing advantage of the connectivity afforded, so does the risk also increase. And it’s not just through smartphones and digital tablets. Solar panels and so-called ‘smart appliances’ are also at risk of being hacked.

“The more connected you are the more important cyber security is,” says chief strategy officer at CyberCX Alastair MacGibbon.

“We rely upon those connected devices that make up our society to function to the point now where there would literally be potential loss of life, potential catastrophic, cascading effects on the very functioning of society if we don’t get cyber security right.”

Those risks will continue to grow as the electricity system becomes more complex, he adds.

Read: What you’ll be paying for electricity in 2024

Of course, Australia is not the only country at risk of a cyber-attack. Authorities in the US have spent several years formulating response plans and playing out drills in preparation for an attack on the American electricity grid.

In Australia, the responsibility of the security of the country’s power supply falls within the Department of Industry, Science, Energy and Resources and is managed in conjunction with the Australian Energy Market Operator (AEMO) using a program known as the Australian Energy Sector Cyber Security Framework.

The framework was developed in 2018 by AEMO, industry and the Australian Government, and has been expanded this year to include the liquid fuels sector.

If you enjoy our content, don’t keep it to yourself. Share our free eNews with your friends and encourage them to sign up.

Written by Andrew Gigacz

LOADING MORE ARTICLE...