US Power Grid Hacked: Is The Smart Grid Safe?

Foreign spies placed malware on the US electricity grid. Where does this leave government security, and the Green Grid?

Just how wide the scope of regulations aimed at securing the nation’s infrastructure should be is the subject of debate on Capitol Hill. News of the electric grid hack comes as lawmakers consider the Cybersecurity Act of 2009, which calls for, among other things, a threat and vulnerability assessment of government systems and of the corporations that own the nation’s utilities, energy and transportation infrastructure.

Is the Smart Grid safe?

Security researchers from IOActive briefed the Department of Homeland Security in March on vulnerabilities in “Smart Grid” infrastructure. According to IOActive, Smart Grid technology is vulnerable to well-known issues such as protocol tampering, buffer overflows and rootkits. Still, US utilities have largely signed on to the concept of the Smart Grid and are already installing millions of automated home meters across the country, the first phase of Smart Grid deployment.

Ozzie Diaz, CEO of wireless security company AirPatrol, said the Obama administration is making the right moves by bringing the seriousness of cyber-security to the forefront.

“The next initiative is to establish a solid and accountable partnership between the public and private sector around innovation and solving the U.S. electric grid issues and those that will come in the future,” Diaz said. “Today, bureaucracy inhibits results because the public and private sectors don’t communicate as effectively as they should.”

There are a few trends that have led to the nation’s infrastructure being exploited by an advanced and persistent threat, said Jeff Nigriny, program manager for the TSCP (Transglobal Secure Collaboration Program).

Internet connections are hidden

“This increased exposure, for systems often assumed not to be on the Internet, arises from the fact that such critical infrastructure networks are interconnected and interdependent with other networks, eg service provider corporate networks, the Internet and ‘SCADA’-like networks,” Nigriny said. “One common finding of recent network audits [is they] show overly open and unmonitored gateways to be critical penetration and exfiltration points. In this way, an operator opening an e-mail, and they always will … [enables] these networks to be subject to the same attacks we read about every day, whether they are coming from state-sponsored or individual hackers. The US, other governments and critical infrastructure providers have been struggling to adapt and improve under increasing demands for higher returns on invested capital.”

The cost savings imperative has also led to a related and arguably multiplicative threat vector—the convergence of computing networks and critical infrastructure networks, he added.

Rather than increased regulation, Nigriny advocated more cooperative efforts such as TSCP, which is a partnership between the government and the aerospace and defense industries.