The increasing digitalization of power substations and the integration of communication networks in electrical systems have exposed critical infrastructure to a growing number of cybersecurity threats. This study presents the design and implementation of a simulated environment to emulate cyberattacks—specifically Denial of Service (DoS) attacks—on digital substations, aiming to raise awareness and improve cybersecurity practices in operational technology (OT) networks. Using open-source tools such as Mininet, Wireshark, and hping3, a digital twin of a substation communication system was built to replicate realistic network behavior under both normal and attack conditions. During the attack scenario, SYN flood packets were sent at a rate of approximately 530 packets per second and sustained for 10 seconds, leading to a total of 5300 attack packets. Packet capture analysis revealed that the average packet size increased from 78 bytes (normal traffic) to over 110 bytes during the attack. Additionally, the number of TCP SYN packets increased by 90%, significantly disrupting normal communication flow. These anomalies were clearly observable in the time-sequence visualizations generated using Wireshark. The simulation demonstrated the vulnerability of digital substations to basic network-layer exploits. This emulated environment provides a valuable platform for educational and training purposes, allowing security practitioners and engineers to visualize and understand attack patterns in critical systems. This study emphasizes the importance of proactive cyber-defense strategies in modern power systems and proposes further integration with intrusion detection mechanisms and AI-based anomaly detection tools to enhance resilience.