Power grid is found susceptible to cyberattack

An emerging network of intelligent power switches, called the Smart Grid, could be taken down by a cyberattack, according to researchers with IOActive, a Seattle security consultancy.

How close is World War 3.0?
Slideshow: 10 of the Worst Moments in Network Security History

IOActive researchers have spent the past year testing Smart Grid devices for security vulnerabilities and have discovered a number of flaws that could allow hackers to access the network and cut power, according to Joshua Pennell, IOActive's CEO. Smart Grid devices are small computers that are connected to the power grid, giving customers and power companies better control over the electricity they use. There are about 2 million of these devices currently deployed, but many more are expected to be added in coming years.

IOActive and independent security researcher Travis Goodspeed concluded that these Smart Grid devices could be used to spread malicious code.

In the hands of a malicious hacker, this code could be used to cut power to Smart Grid devices that use a feature called "remote disconnect," which allows power companies to cut a customer's power via the network.

IOActive briefed the U.S. Department of Homeland Security on its findings Monday and is advising the utilities industry to better test the systems before deploying them in the real world.

News of IOActive's research was first reported by CNN, ensuring that the security of the Smart Grid will get a lot of public attention as the U.S. moves forward with plans to add another 17 million of these devices over the next few years.

The robustness of U.S. power networks has been a hot-button issue after a technical glitch in 2003 caused a cascading power failure in the eastern United States and Canada that affected 55 million people.

Hackers have eyed power systems before. Last year, the U.S. Central Intelligence Agency confirmed that criminals had hacked into computer systems via the Internet and cut power to several cities in countries outside of the U.S.

The IOActive research will probably never be released publicly: Many of these devices are already deployed and it would be too dangerous to make the bugs known. Pennell said that his team's work was not focused on one particular device maker and that they were able to confirm a number of the theoretical vulnerabilities identified by Goodspeed, who has researched vulnerabilities in the Texas Instruments MSP430 chip used by some Smart Grid devices.

In 2007 Goodspeed demonstrated that it was possible to write a worm that could spread among Msp 430 chips, which are used by some Smart Grid device makers, according to Goodspeed.

These Advanced Metering Infrastructure (AMI) Smart Grid systems use a variety of low-power processors along with custom-designed firmware and operating systems and can be equipped with a variety of wireless protocols, which can give attackers different ways to break into the systems, Pennell said.

Smart-meter makers would benefit from having outside security experts test their products for flaws, Pennell said. "The design and implementation of these systems has not been scrutinized by a third party," he said.

The IDG News Service is a Network World affiliate.