In light of recent events where North Korea or maybe some other high-tech entity is suspected of a Ransomware hacking assault worldwide, we need to be very concerned about our Smart Grid security. A major loss of power on a large section of our electric grid in the US could be devastating and cause major chaos and loss of lives. It happened in the Ukraine on December 24, 2015 and it can happen here too. My colleague and friend, Patrick LeFevre, from Powerbox sent me most of this information and it was extremely enlightening.
If this latest Ransomware group is savvy enough to steal NSA software tools, then we had better be worried and take preventive security measures in the Smart Grid and on the Internet (Closely linked to the Smart Grid) because the Internet of Things (IoT) is growing and we can’t afford a chaotic breach of that system.
The US government Office of Electricity Delivery & Energy Reliability is very concerned with improving cybersecurity.
On April 26, 2016, the Michigan Board of Water & Light (BWL) was attacked with Ransomware as well. It took months to completely restore the system to normal.
On September 16, 2016, the OVH in France was a victim. The very next month it was Dyn in the US and the month after that it was Deutshe Telekom.
A cybersecurity expert and Wired journalist, Kim Zetter, wrote an excellent book entitled Countdown to Zero Day which tells about the story of the virus that sabotaged Iran’s nuclear efforts. The virus was named Stuxnet which caused physical destruction of the nuclear facility.
The IEEE Spectrum has a really good examination of Stuxnet malware in The Real Story of Stuxnet
A study by the UN Institute for Disarmament Research1 indicated that “32 states included cyberwarfare in their military planning and organizations, while 36 states had civilian agencies charged with a domestic cybersecurity mission.”
The Sparks Project2 is developing innovative solutions and recommendations to ensure the cybersecurity and resilience of smart grids, such as the investigation of key smart grid technologies like the use of big data for security analytics in smart grids, and novel hardware-supported approaches for smart meter (gateway) authentication.
What other ideas might help in this effort? Please share your thoughts and start a good technical discussion here with our savvy audience.
1 United Nations Institute for Disarmament Research, The Cyber Index: International Security Trends and Realities
2 The Sparks Project
How smart is it to deploy smart meters on the smart grid?
Is your Smart Grid Secured?