Imagine if a mouse click switched off an entire nation
1 Aug 2012 1:52 AM GMT
With the northern grid having crashed over two successive days, it raises a scary question - is our electrical grid vulnerable to hack attacks and could it be penetrated by cyber terrorists or foreign elements intent on embarrassing India in front of the world?
With the power crash making front page news in the global media, the bragging cache earned from such news could be enormous, for anyone intent to prove that India’s expertise in smart technology is much less than it seems.
This scenario, though it may seem quite far-fetched, is not entirely in the realms of science fiction. Though Power Grid officials were tight lipped when asked to comment on the matter, this sort of attack has already taken place in countries like the US, where systems are more foolproof than ours. Spies from other countries have hacked into the United States' electricity grid, leaving traces of their activity and raising concerns over the security of the US energy infrastructure to cyber attacks.
In February this year, the Wall Street Journal reported that the head of the National Security Agency in the USA, General Keith Alexander, warned that he expects hacktivist group Anonymous to be able to bring about a limited national power outage through a cyber attack and shut off power for millions. A near-peer competitor [country] could give cyber malware capability to some fringe group, Alexander said, according to the Journal.
The report said that spies sought ways to navigate and control the power grid as well as the water and sewage infrastructure. It is part of a rising number of intrusions, the article said, quoting former and current national security officials. ‘The Chinese have attempted to map our infrastructure, such as the electrical grid," a senior intelligence official told the Journal. "So have the Russians.’
Bush’s anti-terrorism coordinator Richard Clarke claimed that ‘in 2009, the control systems for the US electric power grid [were] hacked and secret openings created so that the attacker could get back in with ease.’ The intruders don't appear to have done any damage to date but did leave behind software that could later disrupt or shut down the system. What are the hackers after? Clarke notes that ‘there is no money to steal on the electrical grid, nor is there any intelligence value that would justify cyber espionage. The only point to penetrating the grid’s controls is to counter American military superiority by threatening to damage the underpinning of the US economy.’
James Lewis, a cyber security specialist at the Center for Strategic and International Studies said, ‘You want to occupy Wall Street? How about turn the lights off on Wall Street? Even for a day.'
Anonymous had recently announced Operation Global Blackout, a plan to shut down the Internet on March 31 this year and have disrupted the iron-clad sites of the CIA, the Pentagon, Mastercard and Visa.
Many countries or institutions may want to harm the financial bedrock of a superpower but what do they gain from crashing the electrical grid. It could simply be to gain boasting rights or even to test vulnerabilities in extreme situations such as times of war. It could also be to cause mayhem such as train or traffic accidents on a large scale due to failure of the signalling system.
No one is clear about the profile of the perpetrators. It could be a disturbed mind with a grudge, bent on avenging some imagined wrong against the system, brilliant teenagers fooling around on a dare and showing off how far they can go with their technical skills, or petty criminals looking to earn profit. It could be a computer engineer using the resources of a state-of-the-art lab or an individual using the power of the world-wide-web from his home PC. (MIT students recently hacked an electrical grid, and played Tetris with coloured electric lights on one side of an entire building on campus.) But whether it is a lone wolf or a consortium, the perpetrators are highly skilled and never caught as they ensure they don’t leave a fingerprint that can be traced back to them. They prefer anonymity and do it more for private enjoyment and in hacker hierarchy, they sit pretty much on top of the dogpile.
Those in charge of the electrical grid, however, say privately that they are prepared for attacks, have backup to restore power quickly should an attack occur, and they are already facing regular attacks which they have been able to deflect.
But security experts say utilities have to be more enterprise security-aware. ‘When these incidents occur at any organization, the first reaction is to cover it up. The thinking is if we keep this kind of thing secret, nobody will find it or exploit it. But for those of us who are inside the industry, and have been at this long enough, the only way we’re going to fix a security problem is to expose it.’
The decades-old technology used to manage power grids in most countries is vulnerable to manipulation or sabotage, according to a recent study. Attackers could manipulate power-grid data by breaking into substations and intercepting communications between substations, grid operators, and electricity suppliers. This data is used by grid operators to set prices for electricity and to balance supply and demand, the researchers say. Grid hackers could make millions of dollars at the expense of electricity consumers by influencing electricity markets. They could also make the grid unstable, causing blackouts.
The attacks would be difficult to trace, according to Le Xie, an assistant professor of electrical and computer engineering at Texas A&M University. Vulnerabilities have existed in grid systems for decades. But the threat is becoming worse as more substations become automated, and unmanned, making it easier for an attacker to access grid data. As utilities move over to open communications standards, as part of the migration to the ‘smart grid,’ it could get even easier to intercept communications or hack into systems remotely.
Electric-grid operators forecast supply and demand a day ahead of time. This helps keep supply steady and the grid stable. Power generators then allocate their resources based on this predicted demand. After they've supplied the electricity, the operators settle the accounts by looking at exactly how much power was generated by whom, and how it was distributed.
Xie and colleagues say this data is vulnerable to manipulation. Attackers could tap into the communications lines between the substations and grid operators, and inject false information. If they're careful, the new data will seem like ordinary fluctuations on the grid.
If someone wanted to cause a blackout, spurious data about how much power is flowing could be used to fool grid operators into overloading parts of the grid, tripping generators and leading to cascading failures. Again, if the attackers were careful, the erroneous data would go unnoticed. A blackout could then occur before grid operators have the chance to correct for the problem.
Fixing the vulnerability will not be easy either. It could take 20 years for utilities to replace old infrastructure with security-enhanced equipment, such as encryption. Expensive sensors worth billions of dollars would have to be added to the grid, so that an attacker would have to corrupt many more sensors to create a problem without getting caught. On the other hand, adding these sensors, and the communication networks needed to access their data, could add new vulnerabilities by adding new points of entry.
Traditionally, the electric meters attached to structures, the wired and underground poles that deliver electricity to them, and the plants where electricity are generated have all been operated and maintained independently by field workers who gather data in a one-way system of communication. When a problem occurs with an electric meter or a pole in the traditional system, an expert has to go out and assess the problem, as there is no automated way for the system itself to send feedback. Increasingly, countries are opting for automation to replace manual checks. Many have hailed smart grid technology as the way to bring the electric grid into the technology age. The increased automation, however, opens up more security challenges.
Plans to modernise the grid call for adding communications capability to the distribution network, allowing utilities to get usage data from buildings or equipment along the grid. Smart-grid companies can ship information over power lines, cell phone networks, or the Internet using proprietary or Internet Protocols.
With the power crash making front page news in the global media, the bragging cache earned from such news could be enormous, for anyone intent to prove that India’s expertise in smart technology is much less than it seems.
This scenario, though it may seem quite far-fetched, is not entirely in the realms of science fiction. Though Power Grid officials were tight lipped when asked to comment on the matter, this sort of attack has already taken place in countries like the US, where systems are more foolproof than ours. Spies from other countries have hacked into the United States' electricity grid, leaving traces of their activity and raising concerns over the security of the US energy infrastructure to cyber attacks.
In February this year, the Wall Street Journal reported that the head of the National Security Agency in the USA, General Keith Alexander, warned that he expects hacktivist group Anonymous to be able to bring about a limited national power outage through a cyber attack and shut off power for millions. A near-peer competitor [country] could give cyber malware capability to some fringe group, Alexander said, according to the Journal.
The report said that spies sought ways to navigate and control the power grid as well as the water and sewage infrastructure. It is part of a rising number of intrusions, the article said, quoting former and current national security officials. ‘The Chinese have attempted to map our infrastructure, such as the electrical grid," a senior intelligence official told the Journal. "So have the Russians.’
Bush’s anti-terrorism coordinator Richard Clarke claimed that ‘in 2009, the control systems for the US electric power grid [were] hacked and secret openings created so that the attacker could get back in with ease.’ The intruders don't appear to have done any damage to date but did leave behind software that could later disrupt or shut down the system. What are the hackers after? Clarke notes that ‘there is no money to steal on the electrical grid, nor is there any intelligence value that would justify cyber espionage. The only point to penetrating the grid’s controls is to counter American military superiority by threatening to damage the underpinning of the US economy.’
James Lewis, a cyber security specialist at the Center for Strategic and International Studies said, ‘You want to occupy Wall Street? How about turn the lights off on Wall Street? Even for a day.'
Anonymous had recently announced Operation Global Blackout, a plan to shut down the Internet on March 31 this year and have disrupted the iron-clad sites of the CIA, the Pentagon, Mastercard and Visa.
Many countries or institutions may want to harm the financial bedrock of a superpower but what do they gain from crashing the electrical grid. It could simply be to gain boasting rights or even to test vulnerabilities in extreme situations such as times of war. It could also be to cause mayhem such as train or traffic accidents on a large scale due to failure of the signalling system.
No one is clear about the profile of the perpetrators. It could be a disturbed mind with a grudge, bent on avenging some imagined wrong against the system, brilliant teenagers fooling around on a dare and showing off how far they can go with their technical skills, or petty criminals looking to earn profit. It could be a computer engineer using the resources of a state-of-the-art lab or an individual using the power of the world-wide-web from his home PC. (MIT students recently hacked an electrical grid, and played Tetris with coloured electric lights on one side of an entire building on campus.) But whether it is a lone wolf or a consortium, the perpetrators are highly skilled and never caught as they ensure they don’t leave a fingerprint that can be traced back to them. They prefer anonymity and do it more for private enjoyment and in hacker hierarchy, they sit pretty much on top of the dogpile.
Those in charge of the electrical grid, however, say privately that they are prepared for attacks, have backup to restore power quickly should an attack occur, and they are already facing regular attacks which they have been able to deflect.
But security experts say utilities have to be more enterprise security-aware. ‘When these incidents occur at any organization, the first reaction is to cover it up. The thinking is if we keep this kind of thing secret, nobody will find it or exploit it. But for those of us who are inside the industry, and have been at this long enough, the only way we’re going to fix a security problem is to expose it.’
The decades-old technology used to manage power grids in most countries is vulnerable to manipulation or sabotage, according to a recent study. Attackers could manipulate power-grid data by breaking into substations and intercepting communications between substations, grid operators, and electricity suppliers. This data is used by grid operators to set prices for electricity and to balance supply and demand, the researchers say. Grid hackers could make millions of dollars at the expense of electricity consumers by influencing electricity markets. They could also make the grid unstable, causing blackouts.
The attacks would be difficult to trace, according to Le Xie, an assistant professor of electrical and computer engineering at Texas A&M University. Vulnerabilities have existed in grid systems for decades. But the threat is becoming worse as more substations become automated, and unmanned, making it easier for an attacker to access grid data. As utilities move over to open communications standards, as part of the migration to the ‘smart grid,’ it could get even easier to intercept communications or hack into systems remotely.
Electric-grid operators forecast supply and demand a day ahead of time. This helps keep supply steady and the grid stable. Power generators then allocate their resources based on this predicted demand. After they've supplied the electricity, the operators settle the accounts by looking at exactly how much power was generated by whom, and how it was distributed.
Xie and colleagues say this data is vulnerable to manipulation. Attackers could tap into the communications lines between the substations and grid operators, and inject false information. If they're careful, the new data will seem like ordinary fluctuations on the grid.
If someone wanted to cause a blackout, spurious data about how much power is flowing could be used to fool grid operators into overloading parts of the grid, tripping generators and leading to cascading failures. Again, if the attackers were careful, the erroneous data would go unnoticed. A blackout could then occur before grid operators have the chance to correct for the problem.
Fixing the vulnerability will not be easy either. It could take 20 years for utilities to replace old infrastructure with security-enhanced equipment, such as encryption. Expensive sensors worth billions of dollars would have to be added to the grid, so that an attacker would have to corrupt many more sensors to create a problem without getting caught. On the other hand, adding these sensors, and the communication networks needed to access their data, could add new vulnerabilities by adding new points of entry.
Traditionally, the electric meters attached to structures, the wired and underground poles that deliver electricity to them, and the plants where electricity are generated have all been operated and maintained independently by field workers who gather data in a one-way system of communication. When a problem occurs with an electric meter or a pole in the traditional system, an expert has to go out and assess the problem, as there is no automated way for the system itself to send feedback. Increasingly, countries are opting for automation to replace manual checks. Many have hailed smart grid technology as the way to bring the electric grid into the technology age. The increased automation, however, opens up more security challenges.
Plans to modernise the grid call for adding communications capability to the distribution network, allowing utilities to get usage data from buildings or equipment along the grid. Smart-grid companies can ship information over power lines, cell phone networks, or the Internet using proprietary or Internet Protocols.
Next Story
