The U.S. electrical grid: How big of a cyber target is it?

Updated: Spies have reportedly been probing the U.S. electrical grid for months and planting software that could be activated at a future date, according to a Wall Street Journal report. The report highlights the latest vulnerabilities facing U.S. power infrastructure.

The Journal notes that the spies are from China, Russia and other countries. While the news isn't that surprising, given how vulnerable U.S. infrastructure is, it is notable because electrical grids were thought to be somewhat hacker-proof until recently. Why? Grids run on an old mish-mash of software, which is often proprietary.

However, recent events indicate that so-called SCADA (Supervisory Control And Data Acquisition) systems, which collect data from sensors and machines and send it to a centrally managed repository, are also at risk. To wit, last June Core Security detailed how SCADA systems were vulnerable. And even silly electronic road sign pranks show how SCADA systems are vulnerable.

How bad is it? According to the Journal report, a SCADA attack may be a disaster waiting to happen. The ability to hack into electric grids isn't new (you can find reports here, here and here), and the usual techniques such as social engineering, exploits and other hijinks work well. In addition, the House Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology had a big hearing on electric grid threats a year ago and the General Accountability Office has also highlighted the issues in a report on network controls.

In a report, the GAO found the Tennessee Valley Authority (TVA), a federal corporation and the nation’s largest public power company, "had not consistently implemented significant elements of its information security program." Meanwhile, the TVA's corporate network "lacked key software patches and had inadequate security settings, and numerous network infrastructure protocols and devices had limited or ineffective security configurations," according to the GAO.

Simply put, the fact the grid is wide open for malicious hackers isn't news. What's different is the Journal is naming names (at least countries).

The Journal notes that:

  • The Chinese have attempted to map the U.S. electrical grid;
  • The espionage is pervasive and not targeted to any one company or region;
  • The companies in charge of the infrastructure (remember, most of the U.S. networks are in private hands) never knew of the intrusions;
  • Intelligence agencies discovered the intrusions;
  • Water, sewer and other systems are at risk;
  • And the intelligence gleaned through these intrusions will be critical in the event of war.

The good news is that the Obama administration is about to complete a cybersecurity review and Congress had approved $17 billion in funds to protect government networks under the Bush administration.

Also see: TechRepublic resources on SCADA security

GAO report on Tennessee Valley Authority's security weaknesses

House hearing on electric grid vulnerabilities

However, throwing money at the problem may not help all that much.

The North American Electric Reliability Corporation told its members that utilities need to step up security procedures. In the letter, Michael Assante, chief security officer of the group, wrote:

NERC is requesting that entities take a fresh, comprehensive look at their risk-based methodology and their resulting list of CAs (critical assets) with a broader perspective on the potential consequences to the entire interconnected system of not only the loss of assets that they own or control, but also the potential misuse of those assets by intelligent threat actors.

Assante outlines the grid's conundrum:

Most of us who have spent any amount of time in the industry understand that the bulk power system is designed and operated in such a way to withstand the most severe single contingency, and in some cases multiple contingencies, without incurring significant loss of customer load or risking system instability. This engineering construct works extremely well in the operation and planning of the system to deal with expected and random unexpected events. It also works, although to a lesser extent, in a physical security world. In this traditional paradigm, fewer assets may be considered “critical” to the reliability of the bulk electric system.

But as we consider cyber security, a host of new considerations arise. Rather than considering the unexpected failure of a digital protection and control device within a substation, for example, system planners and operators will need to consider the potential for the simultaneous manipulation of all devices in the substation or, worse yet, across multiple substations. I have intentionally used the word “manipulate” here, as it is very important to consider the misuse, not just loss or denial, of a cyber asset and the resulting consequences, to accurately identify CAs under this new “cyber security” paradigm. A number of system disturbances, including those referenced in NERC’s March 30 advisory on protection system single points of failure, have resulted from similar, non-cyber-related events in the past five years, clearly showing that this type of failure can significantly “affect the reliability (and) operability of the bulk electric system,” sometimes over wide geographic areas.

Taking this one step further, we, as an industry, must also consider the effect that the loss of that substation, or an attack resulting in the concurrent loss of multiple facilities, or its malicious operation, could have on the generation connected to it.

The good news so far: It doesn't appear that these intrusions have led to any attacks. But as grids become smarter via technology, they're likely to be easier to hack. It's only a matter of when, not if, the grid, and other key infrastructure, gets hacked.

Update: I'd like to point out the following Talkback.

I am a retired engineer, formerly employed by 2 electric utilities - one of them a very large utility within the U.S. Department of Energy. In that job I was the project manager for a large SCADA/Energy Control System. So I (think) I know a little about SCADA systems and how they operate.

EVERY SCADA system that I have ever seen uses its own dedicated communication network to carry data between the Master Station (the "base"), and the substation Remote Terminal Units (RTU's) and with the powerplants. The Master Station is manned 24 hours per day, seven days per week, 52 weeks per year. In other words, ALL THE TIME. So if something happens, the knowledgeable, experienced operator can take immediate steps to counteract the event. One example: many years ago, a light airplane flew into a high voltage transmission line in Northern Arizona. The electric system "alarmed", and a dispatcher in a Phoenix control center shut down that line and rerouted power so as to minimize outages to customers until the cause of the alarm had been identified and corrective measures taken.

Another Western US utility's management decided to "economize" by combining the SCADA functions with the company's corporate functions in a single computer. And, of course, there was a "firewall" between the SCADA and corporate functions. And when the firewall failed, it took down the company's entire power grid. Needless to say, nobody in electric utility management today sees this as a way to economize.

Oh yes, did I mention that SCADA systems almost always use redundant computers, so that in the event that one fails, an automatic "failover" to the backup computer occurs?

Remember the late 1990's, and the widespread fear that the rollover to year 2000 would cause widespread failures in the electric power grid, because microprocessors and computers had not been designed to recognize dates beyond 1999? And that once the grid crashed, taking out all electric power in North America, it would be impossible to restart, because electric power was needed just to start up a generator, etc. As the person who designed the data communications protocol for use between our Master Station and the several (hydro and steam) powerplants we had under control, I knew that the prognosticators of doom were wrong. And, remember what happened on New Year's Day, 2000: NOTHING. The electric system continued to function, just as before. The doom-sayers were WRONG.

So, considering that utilities use dedicated, private (usually microwave) communications for their SCADA systems, and that the data communications use various coding and security methods, I, for one, will not lose any sleep worrying that the Chinese or Russians are going to tap into our country's SCADA systems and crash the power grid.

  • So, in the future...

    ..."Live Free or Die Hard" could end up being a prophetic sort of documentary. That blows.

    There's only one solution. FIX IT!
    • can't fix it without Linux

      You must demand the use of Linux in order to be safe.
      Linux Geek
      • That is the problem

        the affected stations are using Linux!
        • I doubt it.

        • I read otherwise

          at that it's Windows & Office.

          • Winbloze: Why am I not surprised...

            The Redmond shill damage control is out in force.

            LOL... :D
            hasta la Vista, bah-bie
          • Try again

            The business systems run on Windows, not the control systems.

            I just called a buddy of mine, an engineer at TVA, to verify that they use Solaris in their control systems. They do.
            Dr. John
          • Solaris

            Just another flavor of linux...
            m vincent
      • LOL

        Nothing could be more awesome right now, than getting Linux into this thread. On the one hand, Linus Torvalds is from a Socialist Country. On the other hand, Tux would let the Repubs have the right to bear Tactical Nukes because he believes in FREEDOM and Ice Cream, so they should be pleased. And bearing in mind also that Linux is the best, and Windows sucks balls, and I think we have the makings of an entertaining, and perfectly incomprehensible online orgy of ad hominem and personal attacks.

        Gonna grab a beer. Wait-- was this thread about power plants or something?
        • Re: LOL

          You're old enough to drink?
      • Stupidity this blatant

        shouldn't even have posting rights. Why don't you go blow your nose on some Linux forum....
        • Can't take the heat?

          Then get out of the way
          hasta la Vista, bah-bie
      • Google "Large hadron collider hacked"...

        Their server farm runs LINUX.

        I use Ubuntu 8.10 as my primary OS these days (still need Windows, unfortunately), but it's a myth that *nix is fully secure.

        It isn't.

      • Has there ever been...

        Has there ever been a subject, any subject, anywhere, under discussion in which you did not proclaim Linux the cure all?

        Cancer? Get Linux!
        Car won't start? Get Linux!
        Dog had kittens? Get Linux!
        Earthquake hit and L.A.'s now part of the Pacific? Get Linux!
        Dr. John
        • ROFL! Too funny...

          But to answer your question... No.. I don't think he's ever NOT done exactly that.

          Ross Ice Shelf migrates to Hades? Get Linux! That'll keep satan's heat pumps working well!
      • not linux not Windows but something completely

        new and proprietary, closed source for this one.
  • RE: The U.S. electrical grid: How big of a cyber target is it?

    All this while Obama is slashing Defense spending right and left. Other countries see this, like China and Russia, and probably see it as an opportunity.
    • Are you an idiot??

      Obama is trying to clean up the mess that George W left. We have very few options here, we can choose to clean up the economy or we can sink all of our funds in defense (much like North Korea). Hell, we already owe China billions and billions of dollars in our pursuit of "mass weapons of destruction". Maybe had we ended this (preferably after his show of "mission accomplished") we could have saved billions and put it towards defense. That was not the case. What is the problem now is critical.
      • Are you an idiot??

        The grid was vulnerable long before Dubya became president. Why do some people automatically blame Bush for every single malfunction? Bush was far from perfect, but by and large his actions on defense (Iraq being a glaring exception) were correct. Now we have a Marxist president who will leave us more vulnerable to attack and less free than at any time in our history. And people like you still want to harp on Bush? How's about joining the rest of us in the Here and Now, and leaving the past in the past?
        • Marxist?

          Dude, you hillbilly Repubs never tire of that sorry line, do you? So I have a question: are you deliberately lying, or are you in fact, a moron?

          Because if you think Obama, with all his virtues and flaws, is a freaking Marxist, then you have just said more about yourself than you will ever be able to articulate about him. Look up Marxism in the dictionary, and then cite an example (from the planet Earth) of Obama enacting Marxist policies.

          No? That's what I thought. The Internet is such a powerful tool, but lately it has become nothing more than a mud-wrestling ring where every retard on the planet can come hurl ad hominem at strangers, spread FUD, and wallow in disjointed, illogical hyperbole.

          If you have something negative to say about Obama, and I'm sure you're DYING to come up with something, at least try to make your irrelevant, off-topic slams based on fact. This kind of obvious ad hominem and reality-avoidance strategy is what got your political adversaries elected in the first place.

          So...actually, disregard this post. Keep talking about Marxism, and "socialism" and stuff. That should safely guarantee your whole club is politically marginalized for the rest of the century.