On Tuesday 7 December, around 16.45, the quarterly average gross domestic electricity load reached 7210 MW. This broke the record of 7119 MW set on 11 February this year. Not by a small margin!
So how do the boots get on the table? What is the cyber security relevance of this record?
The answer can be found by going back a little earlier.
In the absence of significant new power plant capacity, the share of domestic electricity generation is falling year by year. For several reasons, new entry capacity does not make up for lost domestic production. The only large power plant investment under construction is the Paks II nuclear power plant, but its first unit is likely to come on stream in 2029. However, until today – and further on until 2029 – further power plant capacity is being lost due to uneconomic operability and/or technical obsolescence. Although the production capacity of solar power plants continues to grow dynamically, their dependence on season, time of day and weather limits the amount of electricity they can generate.
However, as is well known, the maintenance of a continuous balance between production and consumption is an essential condition for a continuous supply of electricity.
With insufficient domestic capacity, the system operator either limits consumption or imports electricity. If we imagine the multidirectional effects of possible restrictions on consumption, we are left with electricity imports. The problem is that the share of imports has risen to over 30% in the last 10 years and is now closer to 40% than 30%.
Imported electricity can enter the country through the so-called cross-border transmission lines.
The above is based on public information without exception, i.e. a potential APT attacker does not even need to use some sophisticated OSINT to put together a picture.
A potential APT attacker:
- From the MAVIR website, he can follow in virtually real time the main energy flows, the evolution of the ratio of domestic production to imports,
- can estimate in advance with reasonable accuracy the chances of renewable generation (based on expected cloud cover and wind) and thus the expected level of import exposure, based on meteorological forecasts.
And in addition to the above, public information is
also available that an APT attacker can, if he wants to, determine the optimal – i.e. optimal for the attacker! – attack mode, location and time.
But just as a potential APT attacker can calculate how much 1+1 is, this “math” should be done continuously by all organisations responsible for the smooth operation and management of the electricity system. And in the age of hybrid warfare, it is increasingly necessary to assess and manage potential risks in a complex – holistic, to use the now ‘fashionable’ term. It should be borne in mind that hybrid warfare may, in extreme cases, ‘include’ some cyber-physical attack methods.
Although, according to publicly available information,
our country is not a target country, this could change at any time, and it could also be a problem if we are ‘blown’ by an attack not primarily aimed at us, as in the SolarWinds/Orion case.
In the light of the above, the licensee that strengthens – or, if nothing else, creates – the ‘intelligence’ and analytical capability to gather and assess information relevant to the uninterrupted supply of electricity on an ongoing basis cannot fail.
Oh, and it’s possible that yesterday’s consumption spike will be short-lived. Given the above, further peaks will not reduce the risks outlined, to say the least…
[22]
***
We welcome messages either agreeing or disagreeing with the above. For example, by responding to them in a new post, a substantive professional exchange of views could be initiated.