Artificial intelligence (AI) has emerged as a promising solution to modernize power grids. The technology, alongside other upgrades like Internet of Things (IoT) connectivity, could make energy infrastructure more reliable and sustainable. However, AI power grids also pose significant cybersecurity risks. Attacks against critical infrastructure are becoming more common. As energy authorities ramp up their investments in AI, they should pay attention to these risks to enable a safer tech transformation.

Do you remember the last time you didn’t have water? Reliable water delivery is something many of us take for granted. Our local water treatment plant sits at the edge of our neighborhood, and I pass it every day on my way to take the kids to school. Not a lot seems to go on there, so it never occurred to me that I should be concerned about an attack on this critical infrastructure. What does occur to me is the possibility of a cyberattack on our water system.

On May 9, the North American Electric Reliability Corporation (NERC) officially adopted new Critical Infrastructure Protection (CIP) requirements for Internal Network Security Monitoring (INSM). This is one of the last steps before Federal regulators make it an official standard for utilities and the electrical power grid industry. What does it mean? Compliance for CIP-015-1 is coming to your utility. Utilities will need monitoring tools with deep and wide asset intelligence and network control.

The energy sector is having a tumultuous decade. During the COVID pandemic, the price of oil plummeted. In 2021, a ransomware attack forced one of the US’s most significant oil pipelines to cease operations for five days, causing a state of emergency in seventeen states. Putin’s war in Ukraine has disrupted natural gas supplies across Europe. And now, it seems, it is the electricity providers’ turn to suffer a blow.

The security of embedded devices is in the news over the last few years, especially IoT assets and OT systems. From connected medical devices to industrial control systems to smartwatches and building automation, connected IoT devices will expand to over 25 billion by 2028.

Critical infrastructure facilities operated by the private and public sectors face a complex and continuously growing web of security threats that are compounded by the increasing convergence of information and operational technology (OT) in this area.

This week, the U.S. Environmental Protection Agency (EPA) warned that cyberattacks against water utilities across the country are becoming more frequent and more severe. The agency urged water systems to take immediate actions to protect the nation’s drinking water. According to the EPA, there are more than 150,000 public water systems across the U.S. serving over 300 million people—virtually all of which are administered and secured at local levels of government.

It has always been clear, even before the Colonial Pipeline attack, that the energy sector is a prime target for not only criminal threat groups, but also nation-state actors. After all, halting fuel and energy supplies can quickly bring a region to a halt and thus require the highest level of cyber and physical security possible.

The Canadian, US, and UK governments issued a series of recommendations in their just-released security alert Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity, which mirror my own insights on the important topic. The alert notes that all three governments are aware of pro-Russia hacktivists targeting and compromising small-scale OT systems in North American and European Water and Wastewater Systems (WWS), Dams, Energy, and Food and Agriculture sectors.

Critical infrastructure services in North America face accelerating threats from both nation-states and other sophisticated threat actors. Governments globally are grappling with how to best balance incentives, support, and direct oversight. Meanwhile, critical infrastructure owners and operators face significant challenges with technology, staff resources, and expertise to better manage cyber resilience.