The Wall Street Journal has a wham-bam headline Wednesday morning: Electricity Grid in U.S. Penetrated by Spies.
Scary stuff! The story, while quite interesting, doesn’t give much direct evidence, however, that would allow us to evaluate how real the threat is. All the specific quotes and information about the danger (“Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system”) come from unnamed officials — who could easily be hyping the threat to generate business for the companies, because they always hype the threat of Chinese hackers, or because they want to spur Congress into increasing budget outlays for their departments.
The one specific quote, from Director of National Intelligence Dennis Blair, is so vague that it’s essentially meaningless: “A number of nations, including Russia and China, can disrupt elements of the U.S. information infrastructure.”
Still, the issue is fascinating and worth pursuing. As it happens, as part of Wired’s April cover story on the grid, we also investigated some of the dangers faced — particularly asking whether making the grid smart would make it more vulnerable. If everything is interconnected, and if it communicates by IP, it may be both easier and more tempting to hack. The journalist who did this, Bryant Urstadt, found some fascinating stuff.
For starters, there have already been some frightening episodes:
- Last January, a CIA analyst confirmed that in an unnamed country, multiple-city blackouts were caused by hackers in an attempted blackmail scheme. [This sounds like the same attack mentioned in the middle of the WSJ piece.]
- Ira Winkler, a former NSA employee, and now a security consultant who specializes in simulating terrorist attacks on networks, has been breaking into the power grid for years. In 2007, at the request of one power company, he compromised its system in a day. The simulation, he says, was called off because it was “too successful.”
- In 2007, the Associated Press obtained a Homeland Security video which showed a small electric generator being disabled remotely. In the video the generator coughs, sputters, and then dies in a smoky paroxysm. HS
labeled it an example of “the Aurora vulnerability,” but declined to elaborate on what exactly that vulnerability was, though more details were given to power-plant operators.
And here’s how Urstadt describes the problem:
The grid is going to introduce a huge host of unknowns, primarily with the roll-out of wireless, networked smart meters able to monitor and control appliances, and to talk to utilities and to one another over their own protocols and through an IP-based standard.
These meters will likely be built from off-the-shelf components, and will be vulnerable to compromise. One fear, for example, is a hacker setting a meter to tell the utility that it needs more power, and also telling other meters to say the same. Or a hacked network could turn on every air conditioner in a city at the same time. Too many power requests, real or fake, could trip a shutdown at a utility, and then lead to a “cascade” of shutdowns at other utilities, such as caused the
So what can we do to prevent that? Urstadt reports on one very interesting solution: “[R]esearchers like Mike Assante, the chief security officer for the North American Electric Reliability Corporation, an industry group, are working to make sure that when a control computer makes a decision, it assumes that some portion of the meters are compromised. Other lines of defense will include ‘dissimilar’ protocols for wireless meters in a neighborhood, which is roughly like making sure that not everyone in town uses the same cellphone carrier; the ability to quarantine meters; and the design of firmware that can easily be reset to a normal state.”
Another possible danger is what’s called a “man-in-the-middle” attack. This is where
an invader gets between a conversation, purposely changing messages. Hackers might take an alarm from a voltage sensor in the field and convert it into an all-clear message, so that an operator screen reads normal, when, in fact, all hell is breaking loose.
Stopping such hits will require the usual authentication codes, but also redundant meters. On the power-delivery end, it will require systems that can differentiate a normal request for increased power from an orchestrated series of requests.
Urstadt’s ultimate conclusion is that: “In the long run, a few hacker-generated blackouts may be a fair price of the expected increase in efficiency and decrease in pollution from the smart grid — though it’s going to be hard to feel that way when some dork kid blows out the power on the Eastern Seaboard.”
Read More http://www.wired.com/epicenter/2009/04/china-and-russi/#ixzz0iqyDkxbV