Smart grid hackers could pose threat to national security
SUBNET Solutions Inc | Thursday, April 05, 2012
The burgeoning U.S. smart grid is faced with constant cyber security attacks that pose real dangers that no amount of money can allay, says one computer security expert.
According to the EE Times, DesignWEST senior research engineer Joe Loomis recently spoke at a panel on the dangers of hacking the smart grid, discussing how the advancements in smart grid and smart meter technology could potentially lead to serious risks of hacking and cyber warfare. This, he says, could have a disastrous effect on North American infrastructure.
"It’s critical infrastructure and society depends on it, making it a prime target for attack," said Loomis.
Loomis cited the Stuxnet worm as one example of malicious intentions that can be manifested through cyber attack. The worm exploited a number of zero-day vulnerabilities, and spread quickly across the world.
"What made Stuxnet more scary than anything else is the order of magnitude of sophistication over everything that came before it," Loomis said.
In September 2011, a similar worm, DuQu, was believed to have been developed by the same team that gave rise to Stuxnet. The DuQu worm was designed to capture system information and keystrokes that could enable an attack similar to that of Stuxnet.
"Before, if someone wanted to shut off power to my home, the electricity company would have to send someone around, physically, to cut me off. Now, it’s all being networked and can be shut off remotely, which creates a dangerous risk," he said.
Such smart grid deployments have gained steam around the U.S. after $3.4 billion in stimulus funds were pumped into the development of smart grid technologies. All over the country, more households are being outfitted with smart meters and businesses are installing advanced intelligent electronic devices on their substations. With so many new installations, the risk of attack goes up due to the multitude of threats that exist.
Loomis added that while no system is 100 percent secure, utilities can gain from looking at their cyber security on a case-by-case situation.
SUBNET has developed a number of products that help utilities manage their large install base of disparate IEDs founds throughout their entire transmission and distribution system. The products ensure secure management that also adheres to strict NERC CIP regulations, and also supports several other functions including unified relay event file collection and archiving, unified password management, unified asset monitoring and unified data historian interfaces.
Substation Cyber Security