Smart electricity adopts proactive quantum-resistant cybersecurity 

Energy meters, around 250 million, dominate the power sector as the most prevalent IoT devices.

Safeguarding critical infrastructure in the age of smart grids requires a proactive and multi-layered security approach. As technology evolves, robust cyber-security measures become even more crucial to ensure the confidentiality, integrity, and availability of data and services. The ongoing race between cyber security measures and evolving threats underscores the importance of staying vigilant and adaptive in the face of emerging challenges. Aniruddha Shahapure shares his views on the industry in talks with EPR Magazine.

Securing smart grid infrastructure

Integrating sensors and IoT devices in the smart grid has become a cornerstone of critical infrastructure. One prominent player in this domain is CyanConnode, a leading Narrowband Radio Frequency (RF) Smart Mesh Networks technology provider, boasting over 1.6 million installations across India to reach 4 million installations. This extensive network underscores the increasing reliance on digital communication for transmitting, storing, and utilising data in the power sector.

Cyber security emerges as a pivotal concern as we propel toward the smart cities and smart electricity era. The power sector is now heavily populated with approximately 150 million energy meters, making them the most ubiquitous IoT devices. The confidentiality, integrity, and availability of the data transmitted by these devices are paramount for the system’s proper functioning.

However, connecting these devices to the internet exposes them to various cyber security risks. The potential compromise of highly granular data detailing individuals’ energy usage and linked with personal information like Aadhar card details raises significant privacy concerns. The repercussions of a cyber-attack on such a system could range from targeted disruptions, such as cutting off electricity to specific houses, to more widespread consequences.

Cyber security challenges for smart cities

Real-world examples, like the hacking of a casino through an IoT device, underscore the vulnerabilities in connected systems. Various types of cyber-attacks, including phishing, malware, password attacks, denial of service, and man-in-the-middle attacks, pose serious threats to the security of smart city infrastructure. Historical incidents, like the 2015 cyber-attack on a power station in Ukraine, highlight the potential real-world consequences of such attacks.

In the Indian context, the surge in cyber-attacks, including incidents involving prestigious institutions like AIIMS Delhi and utility information technology, adds urgency to the need for robust cybersecurity measures. Ransomware attacks, where data is encrypted and held hostage, further complicate the landscape, emphasising the need for comprehensive security strategies.

The advent of quantum computers introduces new challenges to cyber security. The potential breakability of conventional encryption methods, such as AES 256, by quantum computers necessitates a proactive approach to stay ahead of evolving threats. Quantum-resistant security measures are imperative for maintaining the integrity of smart city infrastructure in the face of advancing technologies.

Notably, humans are identified as the weakest link in the cyber-physical system due to their susceptibility to mistakes and vulnerabilities. Addressing these challenges requires a holistic approach covering human behaviour and installing, monitoring, and maintaining connected systems. A comprehensive security solution should encompass encryption, authentication, authorisation, regular security audits, malware protection, network security, and VPN security.

End-to-end security control techniques are crucial for safeguarding the entire system. This involves implementing measures such as AES 128 encryption for smart meters, unique certificates for each node, DTLS-based security for gateways, and public key infrastructure certificates for cloud storage. These measures aim to minimise the potential attack surface for hackers to exploit.

Spokesperson: Anirudhha Shahapure- COO, CyanConnode