Hacked Water Heaters Could Trigger Mass Blackouts Someday (wired.com)
At the Usenix Security conference this week, a group of Princeton University security researchers will present a study that considers a little-examined question in power grid cybersecurity: What if hackers attacked not the supply side of the power grid, but the demand side? From a report: In a series of simulations, the researchers imagined what might happen if hackers controlled a botnet composed of thousands of silently hacked consumer internet of things devices, particularly power-hungry ones like air conditioners, water heaters, and space heaters. Then they ran a series of software simulations to see how many of those devices an attacker would need to simultaneously hijack to disrupt the stability of the power grid. Their answers point to a disturbing, if not quite yet practical scenario: In a power network large enough to serve an area of 38 million people -- a population roughly equal to Canada or California -- the researchers estimate that just a one percent bump in demand might be enough to take down the majority of the grid. That demand increase could be created by a botnet as small as a few tens of thousands of hacked electric water heaters or a couple hundred thousand air conditioners. "Power grids are stable as long as supply is equal to demand," says Saleh Soltan, a researcher in Princeton's Department of Electrical Engineering, who led the study. "If you have a very large botnet of IoT devices, you can really manipulate the demand, changing it abruptly, any time you want."
Rolling blackouts can fix it.
Introduce a random time error into thermostats for things like HVAC systems -- even if they're all set to turn on at 6pm next Tuesday, some will turn on at 5:58, some will turn on at 6:00, some will turn on at 6:05. This will hopefully give the grid controllers enough time to adapt to a spike in load.
Also, why do water heaters need to be "smart?" I thought they responded to demand -- if there's no hot water flow, the water stays hot in a well-insulated tank, and the heating element doesn't need to run. There's minimal heat loss in an electric heater compared to gas, since the only breaks in the insulating layer are for wires, input, output, and overflow pipes.
Better yet, have all new homes use tankless/"on-demand" heaters.
But...
Then they ran a series of software simulations to see how many of those devices an attacker would need to simultaneously hijack to disrupt the stability of the power grid.
Wouldn't it just be simpler to run the calculation on paper?
I can't personally help much here, all I've bothered to learn is how to calculate an appliance's electricity usage over X amount of days, but anyone with decent knowledge of supply and demand for powerplants should be able to do this fairly trivially I'd think. Correct me if I'm wrong.
Not to mention the power usage likely* varies from one brand of product to the next, let alone one type of item to the next.
*Would need a couple minutes of research at most...
I tend to rant.
Remind me again why our hot water heaters need to be online? Better yet, why don't we have on-demand ones that... you know, just supply hot water, on demand; no connectivity required.
While I can see the danger presented, let me ask this hot-water-related question: Should we be just as concerned with remote execution of code that causes a hot water heater to overheat and either explode or catch a house on fire?
Awk! Pieces of eight. Pieces of eight. Pieces of seven... ERROR: General Protection Fault. [Paroty Error.]
What parts of Quebec are you talking about exactly?
In periods of intense heat and cold, temperatures can reach 35 °C (95 °F) in the summer[47] and -40 °C (-40 °F) during the Quebec winter,
Reference point: https://en.wikipedia.org/wiki/...
Pretty sure that -40c (-40f) is a big fat typo, I'll bite that it goes down to -40c though during the worst of conditions/wind chill... but even the averages in the table of that same article are showing nothing close to what you've stated.
Yours truly,
A concerned fellow East Coast Canadian
I tend to rant.
Yo, homie...
-40 is the exact same in f and c.
Yes, I'm serious.
When the only tool you have is a claw hammer every problem starts to look like the back of someone's skull.
Sorry, but they were able to induce a bad problem when fed into unpublished software models based on Poland's energy grid from 12 years ago. The article infers that power companies cannot tolerate a 1% unpredictability, and that is simply inherently false.
-- I'm the root of all that's evil, but you can call me cookie..
Well fuck me........... so it is.
I tend to rant.
I worked as a professional stage hand in college. It was an interesting job and a lot of fun. Got to meet a lot of interesting people, even a celebrity or two.
One night, when working in a small town in western North Carolina, we didn't have much to do that night so we decided to play. We took every last light fixture we could, wired them up to the dimmers to "play" with them. The idea was to come up with a crazy rock and roll type light show to amuse ourselves and maybe learn some stuff by playing with the control board. It took hours to wire it all up and it was the wee hours of the morning when we were ready.
Of course, we wanted the maximum effect when we turned all this on, so after a brief discussion, we agreed we'd turn every fixture we had wired on, all at once, or a "bump to full" and enjoy the blaze of glory we had created. The electrics op configured the scene on the old analog board by running all the channels to full and punched up the scene onto the main fader to await the cue that we were all ready to witness the spectacle of every light in the place going to full at the same instant.
I'm sitting in the middle of the house with my co-workers and dramatically the house lights dim slowly. We all wait in anticipation of what we all know is coming. Then it happens, every light in the place begins to flash on in a blinding display as the "bump to full" and just as quickly the whole place goes black. We all thought the electrics op had bumped to black for effect, but eventually we hear him yell "What happened?" Looking around we realize that NOTHING is on except for the battery operated exit lights, nothing. The power was out.
Walking outside you could see most of the town and it was also totally black. It stayed out for about half an hour, then popped back up.
My guess is that we tricked the electric provider into shutting down the town by massively increasing the load in the dead of night and tripping protection systems, designed to avoid power surges and the voltage excursions that come with them. We thought about trying it again, but figured that knowingly doing something like that might be frowned on if we kept doing it. Besides, it was 2AM and time to get to bed, even for us stage hands.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Step one is to isolate as much of the power grid as possible by decentralizing power generation and storage. Solar and battery for most every home would drastically reduce the potential fallout for any attack.
Step two is to STOP FUCKING HOOKING SHIT UP TO THE INTERNET. Anything connected to the internet should be considered to be both unreliable and a liability.
Anons need not reply. Questions end with a question mark.
A 1% spike would not be likely to cause problems, but (specific to California) 3% would safely cause curtailment calls. Even for that though, you would need to go 3% below nominal first and then turn everything on at once.
The real vulnerability is in being able to game sub ~5-minute demand before the current systems can comfortably accommodate it. As we get more batteries on the grid, that risk dissipates pretty quickly.
If it could be done with 1% load variation, the markets would have figured out how to game it already.
I believe that in Canada, -40C is "Fecking cold, eh?" while in the US -40F is "Fucking cold, dude". Small difference.
Well, there's spam egg sausage and spam, that's not got much spam in it.
Some folks have no choice, electric is all they have. I feel for them, but there are quite a few places where this is true.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Yes, yes, yes, yes, and what if the Core is made of cheese?
It must have been something you assimilated. . . .
be connected to the Internet? Also, there is no way in hell even 10% of water heaters are ever going to connect to the internet. Most are in apartments (since those have the densest populations) and as somebody who lives in an apartment I can tell you they use the cheapest ones you can buy.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
We just need to install a fourth unnecessary level, using the WaterChain, to encrypt our water heaters and home furnaces from remote hacking. Then we can put all the credentials files on a laptop and lose it in an airport, exposing all of our national water infrastructure.
Cold showers in January are a good thing, right?
(caveat: passive solar water heaters will still work, as will disconnected PV water heaters running off grid)
-- Tigger warning: This post may contain tiggers! --
Operating water heaters with electricity is an extravagantly stupid waste of energy and money.
Agreed, passive solar water heating is the most optimal method.
-- Tigger warning: This post may contain tiggers! --
Actually, when I was in the Canadian Army, we had to operate in -40C temps quite often. So, maybe you need to realize it's cold out there.
-- Tigger warning: This post may contain tiggers! --
Same reason God needed a spaceship.
Table-ized A.I.
in much of the US, -40 is "oh my god you want me to go out there? Are you trying to kill me? Hell no, I'm staying inside under a blanket watching netflix."
I can believe that all the utilities in California may be well interconnected, but Canada is 20 times the land area and there is no real nationwide grid. Some provinces have more interconnects than others, but there are probably as many interconnects to US states as there are domestic ones.
The heating units default to "online" when they lose their signal.
But that's the same as an old school thermostatically controlled heater. If people aren't using hot water, that works out to the heaters coming on occasionally to maintain temperature.
If you could shut them all down for eight hours, allow them to cool and then command them all back online, bad things might ensue. But only if your system has become so weak that it can't take the black start load. My (crappy) utility frequently drops entire cities for days at a time during the winter. They think nothing of putting the wires back up and closing breakers on many square miles of residential loads. Lights are dim for a while but that's about it.
Have gnu, will travel.
Oh I realize it is. Hence why I asked what part of Quebec.
We've all seen the videos where it's so cold you can throw water up in the air and it instantly freezes.
I tend to rant.
All good my frostbitten friend! I learned it much younger in a series of science fiction books. Pretty sure it was Frederik Pohl's Gateway/Heechee series.
As penance for pointing it out I'll give you a good one on me:
Until very recently, say 2 years ago, I thought the indigenous fire ants that have plagued me since I was a child used their mandibles to inject venom. The term "ant bites" seemed to explain all I needed to know and I never thought twice about it. Then someone told me the little beasts have a stinger, the term "ant bites" was a misnomer, and the truth of how these millimeter scale tyrants turned my life to shit on so many occasions had been deliberately hidden from me.
I was at a complete loss. Pretty damn funny watching me fumbling through my phone looking for evidence while my friends just laughed and laughed at me and my incredulity.
Cheers!
When the only tool you have is a claw hammer every problem starts to look like the back of someone's skull.
All this has, I don't know, been known for 5-10 years, maybe longer?
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Electric cars plugged in to high-current outlets waiting to charge off-peak, which also have remote controls to run the heater from the mains to pre-heat the car, would be another very high-demand load, though hopefully harder to exploit.
tl;dr: hackers taking over millions of anything is bad.
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
The cost of electricity in most places people live in the USA will vary between -$0.02 and $7.00 per KWh. Some places even more. The utility really hates it when they have to pay $7/KWh and you should too because the price will be passed on to you eventually. So it would be nice if you shut off your electric water heater or your pool pump or turned up your thermostat when this happens. Most of your meters run a protocol called ZigBee Smart Energy. It's a low power, low bandwidth protocol. It contains commands to ask devices to cut back on power consumption (Demand Response Load Control (DRLC)) and it also has commands to tell devices the price of electricity. DRLC commands should always have a randomization factor so that even if every device received the command at the same time they would all react to it slowly over a period of time. Similarly, if the price jumps, smart devices should randomly adjust their behaviour to reduce their demand sometime before or after the price change.
Disclosure: I'm a contributor to the Smart Energy standard.
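The randomization factor described in the comment above (and the random thermostat offset suggested earlier in the thread), worked through as an added example that is not from the thread or from the Smart Energy specification. The fleet size, the 4.5 kW per-heater draw, the uniform delay distribution and the function names are assumptions made for illustration.

```python
import math
import random

def worst_step_kw(n_devices, kw_each, window_s, step_s=60, seed=7):
    """Largest load increase (kW) in any single step_s interval when every
    device receives the same command at t=0 and switches on after its own
    random delay drawn uniformly from [0, window_s]."""
    if window_s <= 0:
        return n_devices * kw_each      # no randomization: one synchronized step
    rng = random.Random(seed)           # seeded so the run is repeatable
    n_bins = max(1, math.ceil(window_s / step_s))
    starts = [0] * n_bins               # devices switching on in each interval
    for _ in range(n_devices):
        delay = rng.uniform(0, window_s)
        starts[min(int(delay // step_s), n_bins - 1)] += 1
    return max(starts) * kw_each

def min_window_s(n_devices, kw_each, ramp_limit_kw, step_s=60,
                 max_window_s=4 * 3600):
    """Shortest randomization window (a multiple of step_s) that keeps every
    interval's load increase at or below ramp_limit_kw, or None if no window
    up to max_window_s achieves it."""
    for window in range(step_s, max_window_s + 1, step_s):
        if worst_step_kw(n_devices, kw_each, window, step_s) <= ramp_limit_kw:
            return window
    return None

if __name__ == "__main__":
    fleet, kw = 50_000, 4.5             # constructed values, not from the study
    print("synchronized step (kW):   ", worst_step_kw(fleet, kw, 0))
    print("30-min window, worst min: ", worst_step_kw(fleet, kw, 1800))
    print("window for <=10 MW/min (s):", min_window_s(fleet, kw, 10_000))
```

Randomization of this kind smooths loads that react honestly to the same command or price signal; it does nothing for a device whose firmware no longer honours the delay.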
When "smart" isn't. I'm happy I still have all "dumb" appliances because at least some schmuck reaching in through the internet and taking control of them is something I don't have to worry about. Paying hundreds or thousands of dollars to be able to adjust my thermostat from bed, instead of getting up, walking downstairs and pressing a button on its face, (or moving a lever) is not a SMART trade-off. I don't need my refrigerator to order groceries for me. I don't want my water-heater talking to my toaster; the two have NOTHING to discuss. The possibility of a conspiracy between my electric razor and the hedge-trimmer is something I don't even want to think about.
Sometimes what seems like a step forwards is just someone figuring a creative way to get you to buy some shit you didn't need with money you didn't have. The only thing I want, in terms of advancement in this area, is to have my own local source of power, from, i.e., solar panels and storage of the same, so it doesn't matter when a bunch of morons let script-kiddies or whatever, crash the entire electrical grid.
I don't trust most of my countrymen to sit the right way on a toilet seat. These days, I'm convinced they could even fuck that up.
Our reign has gone on long enough. Indeed. Summon the meteors.
While I understand the security related downfalls of IoT, there actually are some potential benefits to having a fleet of water heaters connected to the internet. In the UK, there is a government trial/pilot program in place testing smart water tanks for storing excess grid energy. https://youtu.be/z1Z4JCoPAGc
How an intern hacked the powergrid (SHA2017)