Slashdot Mirror

← Back to Stories (view on slashdot.org)

Smart Grid Computers Susceptible To Worm Attack

Posted by timothy on from the when-the-lights-come-on-again dept.

narramissic writes "Researchers with security consultancy IOActive have created a worm that could quickly spread among Smart Grid devices, small computers connected to the power grid that give customers and power companies better control over the electricity they use. '[The worm] spread from one meter to another and then it changed the text in the LCD screen to say "pwned,"' said Travis Goodspeed, an independent security consultant who worked with the IOActive team. In the hands of a malicious hacker, this code could be used to cut power to Smart Grid devices that use a feature called 'remote disconnect,' which allows power companies to cut a customer's power via the network. The robustness of US power networks has been a hot-button issue after a technical glitch in 2003 caused a cascading power failure in the eastern United States and Canada that affected 55 million people."

11 of 98 comments (clear)

  1. lazy engineering by Anonymous Coward · · Score: 4, Interesting

    I know about these.... they're running windows XP, and are on modems. They call in every now and then to get get updates from the main network.... its' the power grid from the future? More like 1990.

    1. Re:lazy engineering by mangu · · Score: 5, Interesting

      its' the power grid from the future? More like 1990.

      Actually, power systems is a mature technology. The "bible" that every power engineer has is this book, first published in 1955. Notice that the book on sale is the fourth edition, printed in 1982. Nothing is changing very fast in this field.

      The problem that could arise from a large number of Smart Grid computers being pwned is if a worm triggered them off at exactly the same time, this is called a "load rejection" event. It would cause oscillations in the power flow which could end in a blackout but, generally, load rejection is not as bad as generation rejection, which happens when a power plant is cut off.

      Another problem that would cause much more harm to the companies than to users is if the worm instructed power meters to register less power consumption. I see a large black-market arising, if someone figures out how to write this exploit.

    2. Re:lazy engineering by freaklabs · · Score: 3, Interesting

      And of course you can buy the old Radio Shack auto-dialer and replace the crystal. That turns it into a red-box where you can emulate the DTMF tones that signal coins being dropped into the slot.

  2. Should I be sad? by stokessd · · Score: 2, Interesting

    This has the potential to suck for the consumer as people could now mess with our power. But after living in several places over the last decade, and being charged $25-$100 to "turn on" my power which is effectively just a change of name on the record at the central office, I can't say I'm shedding a tear for those folks.

    Sheldon

  3. This shows the weakness of anything centralized by cavehobbit · · Score: 4, Interesting

    This demonstrates the weakness of centralized power grids, like big hydro, big nukes, big coal, big solar arrays beaming power down to Earth, Big solar arrays covering the desert, or any other huge centralized 'answer' to our power generation problems. They are all vulnerable to DOS attacks or attacks on central points of weakness like power lines. It takes just one well crafted weapon, whether kinetic, EMP, radiological, chemical-explosive, cyber-viral-worm, etc., to plunge large populations into darkness and chaos.

    Monolithic thinking leads to monolithic engineering, (not to mention monolithic politics), that concentrate your vulnerabilities and limit your flexibility in responding to problems.

    Better to have many smaller, locally distributed sources. They make it far more difficult to attack them. Looks like Edison was right and Westinghouse was wrong. At least partially. Too bad we went with Westinghouse, at least so far as the centralized generator is concerned.

    This is a challenge that evolution, free markets and democracy all respond to with good answers. Authoritarian structures like organized religions, socialism/communism and autocracy in general all respond poorly to.

    This is also a vulnerability of the Internet, with its centralized DNS name servers. I wish I was knowledgeable enough to come up with a solution to that one.

  4. Re:So if this is in the meter (?) by peragrin · · Score: 2, Interesting

    Bribe just about any good electrician if you want one of those seals. I can put my hands on four of them for upstate NY in less than an hour. (only minor B&E involved as I know where they are stored for one electrician.

    Also if you are good most of those seals can be opened and closed with regular tools. It takes a bit of patience, but is possible.hence why when they really lock you out they use padlocks now. Of course I bet with the right bribe one could get a copy of even those keys as they are most likely keyed the same.

    --
    i thought once I was found, but it was only a dream.
  5. Re:Glitch? by Scrameustache · · Score: 2, Interesting

    Similarly, the blackout of 1965 was caused by cheap cost cutting measures, enabled by foolish regulation.

    No: The cause of the (1965) failure was human error that happened days before the blackout, when maintenance personnel incorrectly set a protective relay on one of the transmission lines.

    --

    You can't take the sky from me...

  6. Re:Nothing to see here, move along... by betterunixthanunix · · Score: 2, Interesting

    "Since the utilities lose revenue -- potentially all revenue, plus destruction of capital assets -- if their equipment is cracked, they are very much a part of these standard development activities, and security is of constant concern. (There will undoubtedly be an industry consortium tasked with reviewing implementations of these standards.)"

    Ironically, even in the face of lost revenue and destruction of equipment, power companies do not take security as seriously as you would have us all think. In some countries (including the UK, as I recall) the power companies began to deploy meters that required the insertion of a smart card in order to release power, with the idea being that customers could get "prepaid power." As it turns out, many of these systems were vulnerable to replay attacks and clever customers could get free power after purchasing two cards and simply alternating them. The meters would only remember the last nonce used, rather than every nonce; the reason was cost-cutting and an assumption that nobody would actually try alternating a pair of cards.

    I doubt that the companies here in the US will take security any more seriously than those in other countries. The engineers might recommend better security -- assuming they have a background in security engineering -- but the managers will only see that an extra million dollars will be spent to prevent an "obscure" attack that seems like something nobody will ever figure out. That is assuming that the managers even understand what the engineers have told them. Even if the IEEE recommends a secure system, corners will likely be cut that will leave the system vulnerable.

    --
    Palm trees and 8
  7. Cause of the 1965 blackout by mangu · · Score: 2, Interesting

    The cause of the (1965) failure was human error

    "Cause" can be defined in several different scopes. When one reads a death certificate, for instance, the cause of death could be listed as a hemorrhage in the brain, or one could say the cause was a bullet, or a drunken brawl which ended in a gun being shot, etc.

    Instead of saying a wrongly set relay was *the* cause, perhaps it would be best to say it was a precipitating factor. If that relay had not been set wrong, there was a large number of factors that could have triggered a similar blackout.

    I guess what the AC called "foolish regulation" was the fact that electricity prices were set by law at such a low level that discouraged investment in the power system. Low investment means, among other things, that technicians will not receive good wages, they will not be motivated enough to pay close attention on what they are doing and will commit mistakes.

    Low investments also mean that companies will not build new power plants and lines. They will try to stretch existing systems to the limit, reaching a point where relatively small failures might cascade to system-wide blackouts.

    Generally, when people bemoan regulation or deregulation they are looking at just one side of the issue. If you regulate, then you must make sure that the regulations will not kill the companies. If you deregulate, make sure to deregulate *everything*, including prices. The problem with what has been called "deregulation" is that removing the regulations that impose quality levels while keeping regulated prices is more or less guaranteed to cause failures in the system.

  8. Re:So if this is in the meter (?) by Anonymous Coward · · Score: 1, Interesting

    A power company employee showed me one of their smart meters here while back. It has a GPS tracking device built into it. If you move it from where it's supposed to be, it reports back to the power company. Also, the meter is paired with your service address, so they know when another meter is substituted. They're going to be using remote-read so that the meter continuously reports its status and your usage. They know your usage patterns and can tell when usage changes.

    Black market is going to be a lot harder with these puppies, and this is just the beginning of what's possible.

  9. "Remote disconnect" - implications by Animats · · Score: 4, Interesting

    I hadn't been aware that "remote disconnect" was being incorporated into electric meters. Read this industry analysis of remote disconnect" for background. The "risk items" list doesn't even consider the implications of hostile attack.

    The purpose of "remote disconnect" is to get more control over customers. Utilities are considering using this to enforce collection, and even for prepaid electric service. It's another way to tighten the screws on poor people, like prepaid cellular and paycheck loans.

    There's another feature, current limiting - draw too much current and the power cuts off. The current limit can be set remotely. When someone gets behind on their bill, the power they can use is limited to survival levels until they pay up.

    Vulnerabilities in the remote management system could be a serious problem. Will the keys be kept in a Microsoft system? If you thought it was bad when credit card numbers were stolen, what happens when someone steals the meter key database? The meters have to be physically visited, one at a time, to reset the keys. And who would do that? The meter readers get laid off when this goes in.