Cybersecurity for Transmission and Distribution in Africa

On June 3, 2020, Power Africa co-hosted a webinar with the Israeli Trade and Economic Missions in Africa and the United States Energy Association, featuring speakers from the Israeli National Cyber Directorate, Great River Energy (a U.S. electric utility), and the Israel Electric Corporation to share their experiences managing cybersecurity threats in power transmission and distribution.

Nearly 150 participants from 25 African countries joined the webinar.

Photo Credit: Jake Lyell

Around the world, national electricity sectors are becoming increasingly digitized, making cybersecurity risks a rising challenge. The World Energy Council estimates that cyberattacks almost doubled in the past five years, from 87 attacks in 2014 to over 150 in 2019. The Council also estimates that eight out of ten energy sector companies are not prepared to manage a cyberattack, and that recruitment for talent in cybersecurity and related fields is lagging.

Attacks on critical electric infrastructure — and their associated outages — can have serious impacts on national security, the economy, and even public health. One forecast from Cyber Defense Magazine estimates that during 2021, the annual global cost of cyber-crime could reach $6 trillion. Robust security protocols are increasingly important to governments and utilities to prevent and respond to attacks on key transmission and distribution infrastructure.

Although the threat to critical infrastructure in Africa may feel remote, it is likely to increase as more systems become automated, linked to cloud-based technologies, and accessible through remote entry points. Perpetrators of cyber-crime will also look for new markets and opportunities to exploit organizations with poor cyber threat systems in place.

For example, City Power Johannesburg in South Africa suffered a ransomware attack in July 2019 that affected most of the utility’s applications and networks, potentially impacting a quarter of a million customers.

Utilities across the continent need to secure their critical infrastructure against ever-changing cyber threats to prevent this type of costly and reputationally risky incident.

Power Africa Partners Address Cybersecurity

Amit Lev of the Johannesburg-based Israeli Trade and Economic Missions in Africa welcomed participants, with opening remarks from Power Africa’s Acting Coordinator, Mark Carrato.

Roi Yarom of the Israeli National Cyber Directorate (INCD) walked participants through Israel’s approach to cybersecurity, including relatable examples of how smaller African countries can protect their utilities from cyber threats.

Yarom outlined the breadth of the threat landscape, and argued that threats are becoming increasingly complex:

He also shared Israel’s National Cyber Concept for Crisis Preparedness and Management, as well as key building blocks to a robust and resilient national cybersecurity strategy. Yarom added that a strong national strategy can support the electricity sector to identify and prevent attacks on critical infrastructure, which are among the most common and important targets.

Marc Child, from Great River Energy, demonstrated how small utilities with limited budgets and personnel can manage cybersecurity effectively. He focused on six steps utilities can take to manage cybersecurity management:

  1. Prioritize critical infrastructure
  2. Protect and detect risks
  3. Manage vulnerabilities
  4. Manage incidents
  5. Develop a roadmap for long-term improvements
  6. Inspire others to take on this challenge

Child stressed the importance of top leadership buy-in and accountability for cybersecurity, and the importance of basic assumptions.

If you assume you will have a breach at some point, you won’t get caught flat-footed.

He recommended the United States National Institute of Standards and Technology (NIST)’s Cybersecurity Framework as a free resource.

Motti Cohen from Israel Electric Corporation (IEC) drilled down further. As the national utility responsible for generating and supplying electricity to all sectors in the economy, IEC is one of the most-attacked companies in Israel, experiencing cyberattacks on a daily basis.

He demonstrated software developed by IEC to help utilities train staff to respond to cyberattacks. Through simulation, participants witnessed a remote actor attempt to increase the speed of a diesel generator until it exploded, which would have caused a major power outage. The platform can emulate and simulate cyberattacks and verify robustness testing for industrial control systems.

A common theme throughout the webinar was the importance of investing time and resources into cybersecurity technology and strategies.

Presenters identified key personnel needs such as recruiting cybersecurity experts, training staff to add this responsibility to their existing duties, and training all personnel with access to internal systems to prevent phishing and ransomware attacks.

The panelists emphasized the importance of open communication on incidents and sharing of lessons with multiple stakeholders to prevent repeat attacks and raise awareness of other potential targets, which requires dialogue between the electricity and law enforcement sectors.

All three panelists expressed their desire to help African utilities tackle cybersecurity challenges.