The effect of SMiShing attack on security of demand response programs

Elif Ustundag Soykan*, Mustafa Bagriyanik

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

10 Citations (Scopus)


Demand response (DR) is a vital element for a reliable and sustainable power grid. Consumer behavior is a key factor in the success of DR programs. In this study, we focus on how consumer reaction to Short Messaging Service (SMS) messages can disturb the demand response. We present a new type of threat to DR programs using SMS phishing attacks. We follow a holistic approach starting from a risk assessment focusing on DR programs' notification message security following the Smart Grid Information Security (SGIS) risk methodology. We identify threats, conduct impact analysis, and estimate the likelihood of the attacks for various attacker types and motivations. We implemented deterministic and randomized attack scenarios to demonstrate the success of the attack using a state-of-the-art simulator on the IEEE European Low Voltage Feeder Test System. Simulations show that the attack results in local outages, which may lead to large-scale blackouts with the cascading effect on the power system. We conclude that this is a new type of threat that has been overlooked, and it deserves more attention as mobile devices will continually be part of our lives.

Original languageEnglish
Article numberen13174542
Issue number17
Publication statusPublished - Sept 2020

Bibliographical note

Publisher Copyright:
© 2020 by the authors.


  • Demand response
  • Risk analysis
  • Security
  • Smart grid
  • SMiShing
  • SMS phishing


Dive into the research topics of 'The effect of SMiShing attack on security of demand response programs'. Together they form a unique fingerprint.

Cite this