IT Jobs
Smart grid makes us vulnerable to hacks and terrorism
The more advanced our systems get, the more that can go wrong
By Ira Winkler | Computerworld US
Published: 10:53 GMT, 03 December 09
What can harm you most? That for which you are least prepared. Given the level of denial within power companies that are gearing up for the smart grid, I'd say we can expect a lot of harm to be heading their way.
I've been thinking about this because a state government CISO recently told me that he worries a lot about the smart grid and the tremendous damage that could result if it were exploited. But when he has sounded the alarm, other people in the government have said they don't see how hacking the smart grid could cause much damage.
The evidence that I have seen says otherwise.
Hackers have the means, and they don't lack for motivation, be it terrorism, extortion, piracy or just sheer orneriness.
The means are simple enough. The smart grid is a theoretically closed network, but one with an access point at every home, business and other electrical power user where a smart grid device is installed. Those devices, which essentially put the smarts into the grid, are computers with access to the network. In the same way attackers have found vulnerabilities in every other computer and software system, they will find vulnerabilities in smart grid devices.
In fact, they already have, with a security consultancy demonstrating the vulnerability. In theory, potential attacks are limited only by the functions of the devices. Essentially, the devices can be turned against themselves and the entire power grid.
Here are some of the things I foresee as quite within the realm of possibility:
- Cutting electricity to all homes and businesses. A custom worm could shut down the power grid. Smart grid devices generally track the electricity flowing into a building, but they can also be programmed to stop the flow of electricity into a building. A hacker could exploit that capability to interrupt the flow of electricity or implement a service cancellation message, and could even design a worm that would seek out other systems to infect. Before you know it, no one on the network would be able to receive power.
Consider the 2003 power failure in the Northeast US. In the early hours of the outage, speculation was rampant that terrorists were to blame. There was a collective sigh of relief when Homeland Security Secretary Tom Ridge formally declared that the event was not terrorist related. While it baffles me that it is more comforting for people to think it is OK for the power to go out for no good reason at all, that event demonstrated that even the specter of terrorism can cause a psychic blow to the country. - Overburdening the grid. A critical function of the smart grid is to better manage the flow of electricity through the system. This is supposed to provide for load balancing. Smart grid devices are designed to detect when more power is needed so that power can be generated and delivered. Devices that are tricked into indicating that more power is needed when it isn't could overburden the system, cause power shortages in some areas and create worse problems for areas being fed too much power.
- Causing brownouts. Of course, the devices could be directed to do the opposite, so that they tell the system that less electricity is needed. The resulting brownouts throughout large areas would be an inconvenience, but worse would be the psychological effect on people once they learned that the grid has succumbed to a malicious attack.
- Having the smart grid devices attack the grid itself. In theory, the dumb power grid as a whole is a closed network. Therefore, denial of service attacks against the SCADA systems that control the power grid are not likely to be very successful. Make the grid smart, though, by adding millions of smart grid devices that are susceptible to worms and are each an access point to the entire grid, and the potential for launching distributed denial of service attacks grows tremendously. The actual effect on the power grid would depend on which SCADA systems are attacked.
There's the potential for terrorism related DDOS attacks, but as with the Internet, extortion is even more likely. "We will hijack the system unless you pay up." It's already happened in Brazil, where extortionist hackers exploited vulnerabilities in the power grid to cause large scale outages. That sort of thing just becomes a lot easier when smart grid devices are added to the mix. - Getting free service. Once the grid becomes hackable, power pirates gain the means to manipulate devices so as to underreport electric usage.
- Undermining confidence. A terrorist, or just someone with a grudge against someone, should be able to cause devices to overreport usage. Someone who targets a few specific users for this might go undetected, but anyone who wanted to sap public confidence in the power company or its smart grid could cause widespread overreporting. This is a very real possibility, and in fact, Pacific Gas & Electric is slowing down its smart grid implementation because of a class action lawsuit claiming that smart grid devices cause overbilling.
These are just the most obvious attacks. I can think of many more that are conceivable, and a few that don't seem viable but still might be manageable by a really smart hacker.
I'm sure the power companies will respond that they are embedding security technologies in their devices. I would certainly hope they are, but keep in mind that there has never been a completely secure system. It's absurd to believe that they have implemented perfect security for the first time in history on a product that has been rushed to market with minimal security testing. And again, there have already been vulnerabilities found in the components of smart grid devices.
Also, when a vulnerability is found, it might not be easily fixed. If it is embedded in the firmware, the device might have to be manually repaired or replaced. Even assuming that there are millions of components and/or devices readily available, how long would it take to install the devices on all affected components? If the power has been turned off as part of an attack, imagine what would have to be done to get the power back on to millions of homes, offices, hospitals, etc.
I am only hypothesising what could happen. Nonetheless, there has already been a proof of concept for such attacks. More importantly, the smart grid provides more than enough access for someone to launch large scale attacks, and there will be tremendous resources put toward compromising the technology. Much like the early Internet, the technology is being rolled out much faster than the security issues have been reasonably studied and addressed.
The power companies don't like it when people say things like this. So far, though, every claim I made has been proved correct by documented attacks or government reports. Sadly, I know that I will be proved right once again.
Cisco forms smart grid ecosystem | Microsoft joins with Oasis on smart grid | US power grid hacked by cyber-spies | Hackers capture Hollywood imaginations
Email
Print
Comment
Permalink
Contact Us
RSS
Digg
Add your commentComments
Earl Perkins, Gartner, Inc. | Published: 14:59 GMT, 04 December 2009
While I (as a former utility employee) appreciate the attention critical infrastructure protection is receiving, it is amusing to note the number of experts who have taken it upon themselves to suddenly highlight a concern utilities have lived with for decades, and who are aware of it. Action is being taken, though I will admit it is slow and needs to improve. This is primarily a matter of balancing likelihood of risk with the ability to respond realistically.