Skip to comments.Smart-grid hackers could cause blackouts
Posted on 03/22/2009 5:53:34 PM PDT by BenLurkin
Deployments of smart grids should be slowed until security vulnerabilities are addressed, according to some cybersecurity experts, citing tests showing that a hacker can cause a major blackout after breaking into a smart-grid system.
The idea behind smart grids, a burgeoning energy sector in which even Google is playing a role, is that automated meters and two-way power consumption data can be used to improve the efficiency and reliability of an electrical system's power distribution. A washing machine in a household hooked up to a smart meter, for instance, could be set up to run only at lower-cost, off-peak hours, and a home sporting solar panels could give power back to the grid.
Through the U.S. economic-stimulus package, the Department of Energy is set to invest $4.5 billion in smart-grid technology. And while many utilities are embracing the initiative by installing smart meters in millions of homes nationwide, security experts and others caution that the technology may not be ready for prime time. According to a CNN report published Friday evening:
Cybersecurity experts said some types of meters can be hacked, as can other points in the smart grid's communications systems. IOActive, a professional security services firm, determined that an attacker with $500 of equipment and materials, and a background in electronics and software engineering, could "take command and control of the (advanced meter infrastructure), allowing for the en masse manipulation of service to homes and businesses."
Experts said that once in the system, a hacker could gain control of thousands, even millions, of meters and shut them off simultaneously. A hacker also might be able to dramatically increase or decrease the demand for power, disrupting the load balance on the local power grid and causing a blackout. These experts said such a localized power outage would cascade to other parts of the grid, expanding the blackout. No one knows how big it could get.
"Industry is working to make meters more secure. They have done a good job," said Joe Weiss, an expert on utility control systems.
Still, experts like Skoudis recommended that smart-grid deployment be slowed until security vulnerabilities are addressed. Otherwise, he said, smart-grid equipment deployed now may have to be replaced later.
"Before we go rushing headstrong into a Smart Grid concept, we have to make sure that we take care of business, in this case cybersecurity," he said.
Industry regulators and industry executives earlier this month echoed concerns to Congress about rapid smart-grid deployments, cautioning that a lack of industry standards for security, reliability, data sharing, and privacy could result in government money wasted on proprietary smart-grid technologies that are not interoperable with each other and that are destined to soon become obsolete.
"I don't think the sky is falling," William Sanders, principal investigator for the National Science Foundation Cyber Trust Center on Trustworthy Cyber Infrastructure for the Power Grid, told CNN. "I don't think we should stop deployment until we have it all worked out. But we have to be vigilant and address security issues in the smart grid early on."
Who needs hackers when you have an energy secretary who figures she can impose blackouts whenever she wants?
“He gets it! Obama’s energy plan”- Wired
what a shill
you’d think if he cared about a smart grid, he’d pick a secretary that had experience implementing something similar for a state or large city.
Now I know what I’ll spend my time doing after they finish taking away my ability to make a living. At least I’ll have something to do with my time.
Maybe I’ll make a living selling hacked thermostats on the black market...
Imagine a hacker who takes control of thermostats of absent home owners or thermostats in little used rooms. The owners don't find out until the monthly electric bills arrive.
Or shutting off electricity in rooms where refrigerators allowing the food to rot. The possiblities are as unlimited as the hackers imagination.
And forget about government do-gooders getting control....
I think most of us will be more interested in hacking to stop the intrusion into our thermostats. In fact, it’s a black market business that will probably thrive in that environment. This is good, because guys like me need ways to make a living after these clowns collapse our current system.
“University of Minnesota expert on smart grids and smart grid security speaks on Capitol Hill today”
By ScienceMode on Mar 30th, 2009 in Headlines, SM
SNIPPET: “Massoud Amin, University of Minnesota professor of electrical and computer engineering, will speak to members of the U.S. Congressional Research and Development Caucus during a briefing on the U.S. power grid and energy in the nations capitol today, Thursday, March 26.
The briefing, Modernizing the Electric Grid: A Smart Way to Use Energy, will be held from noon to 1:30 p.m. today in H-137 Capitol Building. National officials turn to Amin for insight on power grid and energy issues because of his vast experience. Amin is an internationally known expert on power grids, smart grids, smart grid security, critical infrastructure and critical infrastructure security. He pioneered research on smart grids, coined the term self-healing grid, and led the development of 24 technologies transferred to industry.”
“Electrical ‘Smart Grid’ Not Yet Smart Enough to Block Hackers”
Monday, March 30, 2009
By James Osborne
SNIPPET: “A smart meter, like this one, which would help regulate smart grids pose a risk by would-be hackers, say security experts.”
SNIPPET: “Obama’s economic stimulus package allocates $4.5 billion to modernize the nation’s electricity system and put smart-grid technology on the fast track.
But creating a two-way line of communication between homes and the grid however “smart” it may be has its risks, experts say.
“With smart grid, anybody with an eBay account and $80 can go and buy a smart meter, reverse-engineer it and figure out how to attack the grid,” said Josh Pennell, president and CEO of IOActive, a technology research firm in Seattle, who testified before the Department of Homeland Security last week.”