Major attacks on the U.S. power grid system are “increasing,” with hackers stepping up efforts to penetrate critical systems and to implant malicious software that could compromise the power grid and result in a nationwide crisis.  This is according to a new report from the Congressional Research Service (CRS).

Quoting excerpts from the CRS report:

The increasing frequency of cyber intrusions on industrial control (IC) systems of critical infrastructure continues to be a concern to the electric power sector.  Power production and flows on the nation’s electricity grid are controlled remotely by a number of IC [Industrial Control] technologies.  The National Security Agency (NSA) reported that it has seen intrusions into IC systems by entities with the apparent technical capability “to take down control systems that operate U.S. power grids, water systems and other critical infrastructure.”

As the grid is modernized and the Smart Grid is deployed, new intelligent technologies utilizing two-way communications and other digital advantages are being optimized by Internet connectivity.  Modernization of many IC systems (in particular, the Supervisory Control and Data Acquisition [SCADA] system) also has resulted in connections to the Internet.  While these advances will improve the efficiency and performance of the grid, they also will increase its vulnerability to potential cyberattacks.  Black Energy, Havex, and Sandworm are all recent examples of malware targeting SCADA systems.

Smart Grid components are built around microprocessor and other hardware devices whose basic functions are controlled by software programming.  These devices and functions may be subject to manipulation over a network.  The information processing and communications attributes which make the Smart Grid attractive are the very same attributes which can increase the vulnerability of the electric power system and its critical infrastructure to a possible cyberattack.  This risk is potentially increased for systems connected to the Internet.

New devices (like smart meters) and increasing points of access (such as renewable electricity facilities) introduce new additional areas through which a potential cyberattack may be launched at the grid.

Smart Meters

Smart meters are an example of new systems added to the grid.  While such systems are designed with security in mind (i.e., following international standards using best practices such as encryption of sensitive data, system protection from viruses and malware, access control and tamper alerts on meters, and two-party authorization), systems analysts acknowledge that such connected systems can have new vulnerabilities. [26]

Smart meters were singled out as a vulnerability by a report as potentially being susceptible to fraud from “manipulated meter readings, misuse of private customer data and a threat of power outages through a large cyberattack.” [27]

One particular weakness was said to be the built-in encryption of data sent from smart meters to utilities.  The meters are designed to last approximately 20 years, but it was speculated that the device’s built-in cryptology system may not be secure for that long a period. [28]  However, another source says that smart meter encryption and authentication “should be readily and proactively updatable” and combined with intrusion detection to better protect networks. [29]

[26] Christoph Steitz and Harro Ten Wolde, “Smart Meters Pose New Risks for Energy Industry,” Insurance Journal, July 18, 2014, http://www.insurancejournal.com/news/international/2014/07/18/335214.htm.
[27] Ibid.
[28] Ibid.
[29] Paul Newton, “Security, security, security: the mantra for smart meter data,” UtilityWeek, May 26, 2010, http://www.utilityweek.co.uk/news/Security-security-security-the-mantra-for-smart-meter-data/765952.

Supply Chains

Security of the supply chain for newer Smart Grid systems is a significant procurement concern because many components are obtained from many sources and vendors internationally.  These sources may be considered targets of opportunity to compromise or counterfeit Smart Grid components.

The Grid Is Experiencing Cyber Intrusions 

The increasing frequency of cyber intrusions on industrial control systems of critical infrastructure is a trend of concern to the electric utility industry.

The threats facing the grid are evolving, and with each new intrusion or cyberattack, priorities to protect the system can shift.  But that does not mean previous attacks can be considered past issues.  SCADA and other control systems infected by worms such as HAVEX are also vulnerable to other actors who may take advantage of such incursions, using or modifying them for their own purposes.  This can be a particular concern if, for example, a worm originated from a nationstate.  The threat of retaliation would likely be a deterrent from its use by a nation-state, but a terrorist or similar organization would likely be undeterred by such a consequence, and may use the worm for its own purposes.

Given the potential for damage to the nation’s economy from a major cyberattack on the grid, some might suggest a greater focus on recovery is needed and should become as much a part of a cybersecurity strategy as are efforts to secure the system.

To provide some perspective on this latest CRS report on the ‘cybersecurity issues’ for our electrical grid system, here is what we have previously reported at this website:

“The distressing part of this whole situation is how valuable resources are being diverted and wasted on smart meters when the money could so easily be spent on infrastructure upgrades that would actually improve the grid and harden it against physical and cyber attacks as well as from the effects of solar storms, etc.  Instead, we are making the grid more vulnerable to catastrophic events by not spending the money where it needs to be spent and wasting it on smart meters.  It is truly an unbelievable pathway that we find ourselves.”

Source Material for this Article 

“U.S. Power Grid Being Hit With ‘Increasing’ Hacking Attacks, Government Warns,” at http://freebeacon.com/national-security/u-s-power-grid-being-hit-with-increasing-hacking-attacks-government-warns/.

“Cybersecurity Issues for the Bulk Power System,” Congressional Research Service, June 10, 2015, at http://www.fas.org/sgp/crs/misc/R43989.pdf.