All of America’s critical power structures are connected to the Internet – everything from electricity to water supplies. The benefits of putting these systems online is that it allows the government to easily control multiple power systems remotely and at the same time. But what would happen if a person or foreign government with malicious intent were to get control of these online power controls?
Security experts warn that a digital takeover of this sort would give enemy nations the power to bring down entire cities with a few clicks of a computer and could even be used to make the infrastructures destroy themselves, such as making a nuclear reactor overheat and damage itself.
Knowing just how much damage a cyber attack could do to the U.S. infrastructure, and with the recent report from The Wall Street Journal that both the Chinese and Russians have hacked into the U.S. electrical grid in an attempt to map it, the U.S. is left worried about its security.
Since it’s been proven that foreign governments have previously hacked into U.S. infrastructure, U.S. officials are worried that there’s malware left within the power grid. Their worry is that this malware could be remotely activated during times of war and could cause harm to critical infrastructure components or even give total remote access to the enemies of the U.S. Aside from just the power grid, officials said water, sewage and other infrastructure systems are also at risk.
“If we go to war with them, they will try to turn them on,” said a senior intelligence official.
Penetration-testing consultant Ira Winkler and a team of other experts answered the question of just how much damage an external malware attack could cause the U.S. by taking control of a power company, whose name was kept private to protect its image. The crew was able to take complete network control of the company’s power production and distribution, which basically gave them remote control to all generated power.
What makes this blatant security flaw even more scary is the fact that the U.S. is currently moving towards smart grid adoption nationwide, something that security experts say could be even more vulnerable to hackers.
A smart grid is the next generation of the power grid that will use smart sensors to tell consumers when power is in most demand and at what time of day they can get it for cheapest. The smart grid will also be able to deliver power to where it is needed from alternative resources such as areas where solar or wind power is harvested, saving huge amounts of money, natural resources and cutting down on CO2 emissions.
Aside from getting the cheapest power from the cheapest sources, the smart grid will also be able transfer the power more efficiently and be able to detect when there is a problem on one power line and use a different one instead, greatly reducing the number of blackouts.
But with all these benefits also comes the risk of hackers breaking into the grid. The reason for the increased concern with the upgrade is that transforming a largely one-way distribution network like the power grid into a two-way system that sends and receives information from consumers gives the hackers additional entrances into the grid.
In addition, Ben Schuman, an analyst with Pacific Crest Securities, says that the smart meters being installed in homes are basic, low-cost consumer electronics that hackers can easily buy and take apart to learn about the communication network and how to exploit it.
However, the U.S. government is well aware of the vulnerability that the smart grid might create and that our critical infrastructures are already being targeted by foreign powers. Which is why the government is implementing the Perfect Citizen program which will monitor all of our critical infrastructures for signs of cyber attack and will patch up all the “entrances” that hackers might attempt to exploit.
The reason that the Perfect Citizen is much needed, aside from the upgrade to the smart grid, is that the original design of our critical infrastructures was created before the Internet and cyber attacks ever existed. This design comes with plenty of access point that can now be targeted by hackers.
“Cybersecurity wasn’t even a concept when these infrastructure systems were built, and yet they have now all been connected and interconnected online — making them high profile targets for a cyber-attack,” says Hemanshu Nigam, a security consultant who advises Congress on cyber-security.
And with the upgrade to the smart grid, the implementation of Perfect Citizen comes at the perfect time as our old infrastructure is being updated a 21st century standard and so its security.