U.S. Faces Security Concerns Over Potential Malware in Power System


1120bplilloAll of America’s critical power structures are connected to the Internet – everything from electricity to water supplies.  The benefits of putting these systems online is that it allows the government to easily control multiple power systems remotely and at the same time. But what would happen if a person or foreign government with malicious intent were to get control of these online power controls?

Security experts warn that a digital takeover of this sort would give enemy nations the power to bring down entire cities with a few clicks of a computer and could even be used to make the infrastructures destroy themselves, such as making a nuclear reactor overheat and damage itself.

Knowing just how much damage a cyber attack could do to the U.S. infrastructure, and with the recent report from The Wall Street Journal that both the Chinese and Russians have hacked into the U.S. electrical grid in an attempt to map it, the U.S. is left worried about its security.

Since it’s been proven that foreign governments have previously hacked into U.S. infrastructure, U.S. officials are  worried that there’s malware left within the power grid. Their worry is that this malware could be remotely activated during times of war and could cause harm to critical infrastructure components or even give total remote access to the enemies of the U.S. Aside from just the power grid, officials said water, sewage and other infrastructure systems are also at risk.

“If we go to war with them, they will try to turn them on,” said a senior intelligence official.

Penetration-testing consultant Ira Winkler and a team of other experts answered the question of just how much damage an external malware attack could cause the U.S. by taking control of a power company, whose name was kept private to protect its image. The crew was able to take complete network control of the company’s power production and distribution, which basically gave them remote control to all generated power.

What makes this blatant security flaw even more scary is the fact that the U.S. is currently moving towards smart grid adoption nationwide, something that security experts say could be even more vulnerable to hackers.

A smart grid is the next generation of the power grid that will use smart sensors to tell consumers when power is in most demand and at what time of day they can get it for cheapest. The smart grid will also be able to deliver power to where it is needed from alternative resources such as areas where solar or wind power is harvested, saving huge amounts of money, natural resources and cutting down on CO2 emissions.

Aside from getting the cheapest power from the cheapest sources, the smart grid will also be able transfer the power more efficiently and be able to detect when there is a problem on one power line and use a different one instead, greatly reducing the number of blackouts.

But with all these benefits also comes the risk of hackers breaking into the grid. The reason for the increased concern with the upgrade is that transforming a largely one-way distribution network like the power grid into a two-way system that sends and receives information from consumers gives the hackers additional entrances into the grid.

In addition, Ben Schuman, an analyst with Pacific Crest Securities, says that the smart meters being installed in homes are basic, low-cost consumer electronics that hackers can easily buy and take apart to learn about the communication network and how to exploit it.

However, the U.S.  government is well aware of the vulnerability that the smart grid might create and that our critical infrastructures are already being targeted by foreign powers. Which is why the government is implementing the Perfect Citizen program which will monitor all of our critical infrastructures for signs of cyber attack and will patch up all the “entrances” that hackers might attempt to exploit.

The reason that the Perfect Citizen is much needed, aside from the upgrade to the smart grid, is that the original design of our critical infrastructures was created before the Internet and cyber attacks ever existed. This design comes with plenty of access point that can now be targeted by hackers.

“Cybersecurity wasn’t even a concept when these infrastructure systems were built, and yet they have now all been connected and interconnected online — making them high profile targets for a cyber-attack,” says Hemanshu Nigam, a security consultant who advises Congress on cyber-security.

And with the upgrade to the smart grid, the implementation of Perfect Citizen comes at the perfect time as our old infrastructure is being updated a 21st century standard and so its security.

About the author  ⁄ BrickHouse Security

BrickHouse Security is the industry's premier supplier of security and surveillance solutions. As a recognized authority in GPS tracking, hidden cameras, employee monitoring and compliance, video surveillance and counter surveillance, we help our customers use technology to get the clarity they need. We proudly serve consumers, businesses of all sizes and the law enforcement community. When you need to know, BrickHouse has the answers.

  • will

    The hackers can’t control the Hydroelectric plants , nor the gas fired peakers , which enter grid at their discretion on demand , or at regular times during peak load . Hydros and peakers are used as start up power for the larger coal fired plants . As far as the grid is concerned the US Government mandated orgs like MISO , to create cheaper power and distribute it over larger areas ( though really its a trade and price on paper , your power comes from relatively nearby generators ) MISO left unprotected is a government issue that was ignored until recently . It has little do do with local power plants . Once again the Gov’t creates a monster , then fears it being tampered with . My fear of MISO is that THEY can manipulate where power goes and does not go. Power loss from within to coherce population, not attacks from out of the country . Gov created this entire issue !!!!!!!!!!!

  • will

    The hackers can't control the Hydroelectric plants , nor the gas fired peakers , which enter grid at their discretion on demand , or at regular times during peak load . Hydros and peakers are used as start up power for the larger coal fired plants . As far as the grid is concerned the US Government mandated orgs like MISO , to create cheaper power and distribute it over larger areas ( though really its a trade and price on paper , your power comes from relatively nearby generators ) MISO left unprotected is a government issue that was ignored until recently . It has little do do with local power plants . Once again the Gov't creates a monster , then fears it being tampered with . My fear of MISO is that THEY can manipulate where power goes and does not go. Power loss from within to coherce population, not attacks from out of the country . Gov created this entire issue !!!!!!!!!!!