Cyber Attacks on the Grid – The Physical Consequences of Cyber Attacks

Last updated: 16 May 2016

At the RSA Conference this year, FBI Director Robert Mueller stressed the government’s increased interest in and attention to online threats, even stating that cyber attacks on the grid may become more of a threat than physical terrorism. The FBI is changing its operational strategy, taking lessons learned from fighting terrorism and applying them to cyber crime.

“We have entered into a new phase of conflict in which we use a cyberweapon to create physical destruction,” said Retired General Michael Hayden in an interview on 60 Minutes.

The basic premise of this change: cyber attacks will happen, but there are safeguards we can put in place now to prevent or lessen their effects. Traditional IT infrastructure is overextended and not managed well. We bolt on security tools and wonder how hackers find a way in – it’s like an open invitation. Cyber terrorists, hacktivists and cyber criminals can easily hack into an organization’s networks to steal information, tamper with automatic controls and change machinery settings – without setting foot in the door. For these types of adversaries, it’s more efficient and presents less danger to themselves to wreak havoc remotely using cyber attack methods.

One of the biggest targets for cyber terrorism is our critical infrastructure – energy, in particular. When you consider all the people, businesses & technology that would be affected by a cyber attack on the energy grid, it is easy to understand the FBI’s renewed interest in preventing cyber threats.

Cybercriminals seeking financial gain can easily dupe an unsecured smart grid into reporting fake consumption numbers, overbilling customers, or simply stealing customers’ identities & payment information for their personal use. Utility businesses are vulnerable to the same threats as other businesses. But because we’re dealing with physical distribution of potentially volatile substances, these businesses must do everything they can to ensure safe production and delivery of their products. Smart grids manage utility production & distribution processes by automatically sensing, analyzing and controlling machine functionality, temperature, pressure, etc. But when cyber attacks on the grid occur and automatic safety measures fail, we’re not looking at a simple blue screen or power outage – we’re looking at loss of life.

That’s exactly what happened in 2010 when a nuclear power plant in Iran was attacked by the Stuxnet worm. The worm installed itself in the plant’s PLC (Programmable Logic Controller) computer-controlled system and caused a change in the rotational speed of machinery. The increased speed without the usual automated shut-down controls caused the nuclear plant fusion center to spin uncontrollably and explode.

When someone gets unauthorized access to the utility grid, it causes destruction, shutdown of services and chaos. It’s a scene right out of Die Hard.

“When you use a physical weapon, it destroys itself, in addition to the target, if it’s used properly. A cyberweapon doesn’t,” explained Gen. Hayden. “So there are those out there who can take a look at [the Stuxnet worm], study it and maybe even attempt to turn it to their own purposes. Such as launching a cyber attack against critical infrastructure here in the United States.”

The good thing is that smart grids are relatively new. We have the opportunity to build them the right way the first time, with fewer of the security gaps and problems that plague traditional IT infrastructure (security threats will continue to expand and evolve; it would be foolish to assume security will be ‘bullet proof’, and better to understand how we are protected when the bullets get in). With the right smart grid security strategy, it is possible to build a trusted infrastructure for our utilities and help prevent cyber terrorism.
