In light of the recent cyberattack on MGM Resorts, electric cooperatives must take a moment to reflect on the vulnerability of their digital assets and the critical importance of having a robust backup and recovery plan in place.
The MGM Resorts Cyberattack: A Brief Overview
On September 11, 2023, MGM Resorts International faced a significant cybersecurity issue that forced the company to shut down some of its systems. The cyberattack affected various aspects of the business, including room key access and the functionality of slot machines and ATMs. Even the MGM Rewards App, which guests use to access digital room keys and trip information, went offline. The incident has left many wondering how long it will take to restore the systems and the extent of the infiltration.
The Potential Impact on Electric Cooperatives
Imagine a similar scenario where an electric cooperative’s most vital systems such as billing, SCADA, or AMI are compromised. The loss of availability in these systems could result in severe disruptions, including:
- Billing: A halt in billing processes could lead to financial instability and a loss of trust among consumers. How long can your cooperative go without revenue?
- SCADA: The Supervisory Control and Data Acquisition (SCADA) system is crucial for monitoring and controlling the cooperative’s processes. A cyberattack could result in operational disruptions and potential safety hazards. Is SCADA a major part of your cooperative’s reliability?
- AMI: Advanced Metering Infrastructure (AMI) facilitates efficient energy management. A compromise in this system could lead to inaccurate billing and energy management issues. Do you have offline AMI data readily available as it relates to matching it to members’ physical meter?
The Need for a Strong Backup & Recovery Plan
The MGM Resorts incident serves as a stark reminder of the potential repercussions of not having a backup and recovery plan. Electric cooperatives must ensure they have strategies in place to:
- Quickly Restore Services: Develop a plan to restore services swiftly to minimize downtime and maintain member trust.
- Communications Plan: Your communication plan shouldn’t be ad hoc! Check out this resource from NRECA to help craft a meaningful communications plan.
- Protect Sensitive Data: Implement measures to safeguard sensitive data from unauthorized access.
- Regular Training and Awareness: Regularly train employees to handle cybersecurity issues and create awareness about the potential risks.
Conclusion
As the MGM Resorts cyberattack starkly illustrates, waiting for a breach to happen is not a strategy; it is a recipe for disaster. Electric cooperatives stand as a beacon of community resilience and self-reliance. Now, more than ever, it is imperative to fortify your digital infrastructures proactively rather than reactively. We cannot afford a moment’s delay. Every second we spend without a robust backup and recovery plan is a second that leaves us vulnerable to potentially catastrophic disruptions.
Let this be the moment we choose foresight over regret, action over hesitation. Let us champion a future where our cooperatives are structured to be as resilient to cyber threats as they are to storms and other disruptions. It is not just a matter of protecting our assets; it is about safeguarding our communities, our members, and the very trust that binds us. Let’s act now, with urgency and unity, to build cooperative fortresses that stand unyielding in the face of any adversity.
