Smart Grid, Power Systems at Risk

By Lawrence Walsh  |  Posted 2009-03-23 Email Print this article Print
 
 
 
 
 
 
 

New reports say China was behind the 2003 Northeast blackout and that serious threats exist to the U.S. power grid and critical infrastructure. Experts say these risks need addressing as the Obama administration and industry prepare to enable the "smart grid."

In the 2007 movie "Live Free or Die Hard," New York cop John McClane does battle with former government security specialists who use their inside knowledge to launch a "fire sale," an attack on power, road traffic and security systems to create a panic in and around Washington, D.C. While a fictional scenario, some say it’s no longer far from the truth.

Reports of the U.S. power grid's vulnerability to cyberattacks and the potential for greater exposure to hostile acts are coming to surface once again as the Obama administration is preparing to invest tens of millions of dollars to make critical infrastructure smarter.

Power generators and electrical distribution systems were once thought immune to the ravages of the Internet because they were largely segregated on closed networks and managed by SCADA (Supervisory Control And Data Acquisition) systems. Sneakernets (the physical insertion of data through discs) were thought the only means for compromising one of these closed power systems.

That blissful ignorance may soon come to an end. Intelligence reports are now revealing that China and the People’s Liberation Army may have compromised the U.S. power grid twice in the past decade. Worse, some sources say China was behind the 2003 Northeast blackout that plunged nine states and parts of Canada into darkness.

Previous reports found that the source of the blackout, an Ohio generation plant operated by American Electric and Power (AEP) sent a surge into the system that caused a massive, cascading failure. A worm in the plant’s non-power systems was said to be coincidental.

But industry and government vision for opening up the electrical grid as a distribution system for the Internet and communications could open up the entire power system to greater risk. Utilities have already opened their closed networks and SCADA systems to largely unsecure systems connected to public networks. Adding greater uses for two-way communications, IP packet transmissions and control systems will only increase risk exposure, experts say.

The upside to opening the electrical grid to networking is tremendous. Plans are already being made to make electrical meters at homes and business "smart," providing power producers and consumers with the means to measure and control the use of power with greater efficiency. IBM is betting a large part of its future on making pieces of the public infrastructure smarter and more manageable. And environmentalists believe a smarter electrical grid will lead to reduced dependency on foreign oil and a reduction on the national carbon footprint.

Solution providers will have a role in this electrical grid evolution, too. A smarter electrical grid will lead to smarter buildings, businesses and homes. That means installation, maintenance and management work on large and small scales.

Is opening the electrical grid to greater use and, potentially, much greater compromises worth the risk? One prominent hacker once told me that, during a demonstration to federal officials, he showed them all the power nodes on the eastern seaboard and, with a click, could have shut off the lights from Atlanta to Boston. The risk already exists, some will argue, so it’s more an issue of securing the grid to enable greater use.

Everyone from IT vendors to solution providers to the owners of physical infrastructure need to heed the warnings of the "potential" risks to the critical infrastructure and design better controls to guard and mitigate compromises.

 
 
 
 
Lawrence Walsh Lawrence Walsh is editor of Baseline magazine, overseeing print and online editorial content and the strategic direction of the publication. He is also a regular columnist for Ziff Davis Enterprise's Channel Insider. Mr. Walsh is well versed in IT technology and issues, and he is an expert in IT security technologies and policies, managed services, business intelligence software and IT reseller channels. An award-winning journalist, Mr. Walsh has served as editor of CMP Technology's VARBusiness and GovernmentVAR magazines, and TechTarget's Information Security magazine. He has written hundreds of articles, analyses and commentaries on the development of reseller businesses, the IT marketplace and managed services, as well as information security policy, strategy and technology. Prior to his magazine career, Mr. Walsh was a newspaper editor and reporter, having held editorial positions at the Boston Globe, MetroWest Daily News, Brockton Enterprise and Community Newspaper Company.
 
 
 
 
 
 

Submit a Comment

Loading Comments...