All too often you read about security breaches that cost firms millions of dollars or hit individuals with loss of personal data or both. But all this pales in comparison when you consider the implications of a security breach somewhere on the electrical grid.
Plausible Scenario #1
Utility Y rolls out smart meter technology to its customer base. Unfortunately, the smart meters have a flaw that allows someone to connect to them via the wireless port. Using basic hacking techniques, a hacker could compromise information on the internal workings of the utility network, up to and including the control nodes. This individual could then provide the information to foreign entities that use it to attack the electrical grid.
Plausible Scenario #2
SCADA (Supervisory Control and Data Acquisition) systems were designed without security in mind. They were meant to reside on a closed network with proprietary communication protocols. Utility Y, like many utilities, adopts Internet communication technology to lower operational costs.
Utility Y puts a number of network firewalls at key points, assuming this will address its security needs. And while using the Internet makes perfect sense to lower current and future costs, there are security risks. One of the biggest is management. Let’s assume administration of these firewalls is left to the utility’s engineering staff, who are not familiar with basic IT security issues. One of these engineers makes a change that opens up port 80 – the normal access point for the Internet (HTTP). Now, with port 80 open, troublemakers can perform drive-by downloads of malware, view traffic, etc. Again, this is a violation of the integrity of the SCADA system.
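One way to catch the kind of change described in this scenario, shown as an added example that is not part of the original post: compare the running firewall ruleset against an approved baseline and flag any new allow rule that reaches the control network. The rule format, address ranges and port allowlist below are constructed assumptions, not any vendor's syntax.

```python
import ipaddress

# Constructed sample data: vendor-neutral rule tuples
# (action, source CIDR, destination CIDR, protocol, destination port).
SCADA_NET = ipaddress.ip_network("10.20.0.0/16")   # assumed control-network range
APPROVED_PORTS = {("tcp", 502), ("tcp", 20000)}    # assumed allowlist: Modbus/TCP, DNP3

BASELINE = [
    ("allow", "10.10.5.0/24", "10.20.1.0/24", "tcp", 502),
    ("allow", "10.10.5.0/24", "10.20.2.0/24", "tcp", 20000),
    ("deny",  "0.0.0.0/0",    "10.20.0.0/16", "any", 0),
]

CURRENT = [
    ("allow", "10.10.5.0/24", "10.20.1.0/24",  "tcp", 502),
    ("allow", "0.0.0.0/0",    "10.20.1.15/32", "tcp", 80),   # the engineer's change
    ("allow", "10.10.5.0/24", "10.20.2.0/24",  "tcp", 20000),
    ("deny",  "0.0.0.0/0",    "10.20.0.0/16",  "any", 0),
]

def audit(baseline, current):
    """Flag allow rules added since the baseline that reach the SCADA network."""
    findings = []
    known = set(baseline)
    for rule in current:
        action, src, dst, proto, port = rule
        if action != "allow" or rule in known:
            continue  # unchanged rules and deny rules are out of scope here
        if not ipaddress.ip_network(dst).overlaps(SCADA_NET):
            continue  # change does not touch the control network
        reasons = ["not in approved baseline"]
        if (proto, port) not in APPROVED_PORTS:
            reasons.append(f"{proto}/{port} is not an approved control protocol")
        if ipaddress.ip_network(src).prefixlen == 0:
            reasons.append("source is any address")
        findings.append((rule, reasons))
    return findings

if __name__ == "__main__":
    for rule, reasons in audit(BASELINE, CURRENT):
        print("FLAG", rule, "->", "; ".join(reasons))
```

Run on every configuration change, a check like this turns an unreviewed edit into a finding that someone with security responsibility has to approve.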
Plausible Scenario #3
Let’s say an RF (wireless) mesh network is established for the smart meters in the smart grid. An attacker injects malware into one of the meters. The infected meter now “talks” to the other meters in the mesh and in turn infects those other RF mesh meters with the same malware. Hence, a geometric progression occurs whereby the RF mesh network is slowly compromised – almost in stealth mode.
All of these issues are not only plausible but are just a small sample of the real security concerns being discussed by those who are implementing the smart grid. There are solutions – stay tuned for more on ICSA Labs' efforts in this area.