The electrical grid constitutes of legacy systems that were built with no security in mind. As we move towards the Industry 4.0 area though a high-degree of automation and connectivity provides: 1) fast and flexible configuration and updates as well as 2) easier maintenance and handling of misconfigurations and operational errors. Even though considerations are present about the security implications of the Industry 4.0 area in the electrical grid, electricity stakeholders deem their infrastructures as secure since they are isolated and allow no external connections. However, external connections are not the only security risk for electrical utilities. The Tactics, Techniques and Procedures (TTPs) that are employed by adversaries to perform cyber-attack towards the critical Electrical Power and Energy System (EPES) infrastructures are gradually becoming highly advanced and sophisticated. In this article we elaborate on these techniques and demonstrate them in a Power Plant of the Public Power Corporation (PPC). The demonstrated TTPs allow to exploit and execute remote commands in smart meters as well as Programmable Logic Controllers (PLCs) that are responsible for the power generator operation.

翻译：电网是由没有安全保障的古老系统组成。虽然自动化和连通程度高,但我们向工业4.0区移动时,自动化和连通程度高,提供:(1) 快速和灵活的配置和更新,以及(2) 更方便地维护和处理配置错误和操作错误。尽管考虑到电网中工业4.0区的安全影响,但电力利益攸关者认为其基础设施是安全的,因为他们是孤立的,没有外部连接。然而,外部连接并不是电力公用事业的唯一安全风险。对手对关键电力和能源系统基础设施进行网络攻击的战术、技术和程序正在逐渐变得高度先进和复杂。我们在本篇文章中详细阐述这些技术,并在公共电力公司(PPC)的发电厂中展示这些技术。所展示的电网使得能够利用和执行智能计数的远程指令以及负责发电机操作的可编程逻辑管理员。