Wednesday, October 23, 2013

Electrical grid hacking

In this article they are talking about SCADA, the monitoring and control system that utilities use to control the electrical grid in their area.
 
For instance if you need to work on a certain area that interconnects with the power grid, say a solar farm, you can call them and fairly quickly have them disconnect that very specific section from the grid.
 
Not too terribly surprising, this system is not designed to be hacker-proof. 

Electrical Grid Is Called Vulnerable to Power Shutdown
Nicole Perlroth, New York Times, 18 October 2013 (hat tip: NC)
Adam Crain and Chris Sistrunk do not specialize in security. The engineers say they hardly qualify as security researchers. But seven months ago, Mr. Crain wrote software to look for defects in an open-source software program. The program targeted a very specific communications protocol called DNP3, which is predominantly used by electric and water companies, and plays a crucial role in so-called S.C.A.D.A. (supervisory control and data acquisition) systems. Utility companies use S.C.A.D.A. systems to monitor far-flung power stations from a control center, in part because it allows them to remotely diagnose problems rather than wait for a technician to physically drive out to a station and fix it.
Mr. Crain ran his security test on his open-source DNP3 program and didn’t find anything wrong. Frustrated, he tested a third-party vendor’s program to make sure his software was working. The first program he targeted belonged to Triangle MicroWorks, a Raleigh, North Carolina based company that sells source code to large vendors of S.C.A.D.A. systems. It broke instantly.
We did have one novel, Cyberstorm, that we reviewed that picked up on this idea.  As a practical weapon, the idea of hacking into the electrical grid and shutting it down at random points is much more viable than the depictions of a high altitude EMP-strike.  And much harder to retaliate against.

2 comments:

PioneerPreppy said...

I wonder about that some. I know I am on a very small co-op that has it's own coal plant but I am unsure how the whole thing fits together. Whether the individual entities are so intertwined or not is the question I guess.

russell1200 said...

Pioneer: They are very intertwined, but it is not impossible to break out the interconnected parts. The problem is that you loose a ton of efficiency if everyone is running off their own little plant. You loose the ability to push your power toward the area at peak usage and receive it yourself when you need it.