CASE STUDY

ENERGYCO
WHAT CYBERSECURITY THREATS AND VULNERABILITIES COULD BE
RELEVANT FOR ENERGYCO?

 Network Based Attack: IP Spoofing, DNS Spoofing, Attack to the gateway in smart meter, Sniffing on network, ZigBee and IEEE
802.15.4 networks, Black hole attacks, eavesdropping, privacy attack to metering data launched from the network, DDoS, DoS,
Network attacks in wireless ad-hoc networks

 Attacks on Physical Hardware: manipulating measured energy consumptions, cyber physical attack on the smart grid, remote
access to connect/disconnect and outage reporting used by unwarranted 3rd parties, physical attacks – battery change, removal
and modification, injecting malicious codes into memory of a smart meter.

 Attacks on Data: manipulated data, false data injection, checksum forgery, Cyber-attacks (Control and commands, bulk data),
parallel checksum computation attack, MiTM attack, eavesdropping of messages sent by the smart meter using Known Plaintext
Attack (KPA); Chosen Plaintext Attack (CPA); Ciphertext Only Attack (COA)
WHAT ARE SOME CYBERSECURITY CONTROLS THAT COULD
MINIMISE THESE THREATS AND VULNERABILITIES?

 ISO Standards (i.e ISO27001)

 Type Test and Acceptance Test – WG 11 (IEC 62052-11; IEC 62052-21; IEC 60514) etc.

 SSMP (Secure Smart Metering Protocol – Uses 4 cryptographic protocols with multiple keys to prevent eavesdropping)

 SIEM

 NIST – National Electrical Manufactures Association (NEMA) Standard SG-AMI 1-2009; The Smart Grid and Cyber-Physical
Systems Program Office
WHAT SHOULD THE ORGANISATIONAL STRUCTURE LOOK LIKE TO
BEST ENABLE CYBERSECURITY?
WHAT SHOULD BE INCLUDED WITHIN THE CYBERSECURITY
STRATEGY?

 Cybersecurity Vision

 Cybersecurity Mission

 Company Alignment

 Cybersecurity Strategic Objectives – Goals and Objectives to meet each Goals

 Sustainable Future

 Implementation Plan

 Cybersecurity Funding

 Awareness training
WHO ARE THE KEY INTERNAL AND/OR EXTERNAL STAKEHOLDERS WITH
WHOM THE CSO SHOULD SOCIALISE THE CYBERSECURITY STRATEGY TO
GAIN ENDORSEMENT?
WHAT ARE SOME HURDLES THE CSO MAY ENCOUNTER WHEN DELIVERING
THE CYBERSECURITY STRATEGY? ARE THERE AREAS WHERE EY COULD
POTENTIALLY ASSIST?

 Delivering the solution/recommendation to management levels – why – EY could potentially assist with case studies with and
without cybersecurity strategies and their pitfalls.

 Red Tapes and business model conflicts

WHAT CYBERSECURITY INFORMATION SHOULD THE CSO REPORT UP TO THE
CEO AND THE BOARD OF DIRECTORS ON AN ONGOING BASIS?

 No. of anomalies

 No. of prevented attacks

WHAT KEY CYBERSECURITY INITIATIVES SHOULD ENERGYCO PRIORITISE IN
THE SHORT TERM? WHAT SHOULD IT FOCUS ON IN THE LONG TERM?