| Electricity grids vulnerable to attacks on critical information systems The revelation that a computer worm disabled a safety system in a US nuclear power station in January has led to fresh calls for security on electricity grids to be overhauled. Experts say much of the grid's critical infrastructure is too accessible to the virus-ridden public internet. News of the safety flaw came as teams investigating the North American electricity blackout on 14th August said they still could not rule out computer problems as a contributory cause of the outage. Control system experts warn that it's only a matter of time before worms like MSBlaster or Sobig.F - which uses spamming technology to amplify its presence on the net- cripple a power station or grid. When the Davis-Besse nuclear power plant in Ohio was hit by the Slammer worm this year, the reactor happened to be offline. But the worm disabled a safety monitoring system for nearly five hours. "We are still working through the information to find out what happened," says a spokesman for Akron-based FirstEnergy, which owns the plant. Some sources suggest the worm may have entered the plant's network via a connection to an insecure network. But critical systems like power stations should be cut off from the outside world and the internet, says Joel Gordes, a grid expert at Environmental Energy Solutions in Riverton, Connecticut. But this is not seen as a practical option in today's cost-conscious and highly competitive energy market. It was cheaper to integrate these systems than to isolate them, says Bill Flynt, former director of the US Army's Homeland Security Threats Office and now with TRC Infrastructure Security in Connecticut. "It was a different security environment," he says. It's not just nuclear power stations we should be worried about, says Joe Weiss, a control systems expert with KEMA Consulting of Fairfax, Virginia. Weiss is concerned that although the PC-based software used by operators to monitor power stations and transmission lines is usually protected by firewalls, the real-time control electronics that they oversee is not. "The technology currently does not exist to protect them," he says. These real-time systems tend to be embedded in non-PC based customised electronics in power plants and substations, but their behaviour can be affected because at some points PCs are used to switch them on and off- with potentially disastrous consequences for the grid. "So far we've been lucky," says Weiss. "These embedded systems were designed to be open to easy, remote access." This was appropriate before the rise of the internet, when grids operated on a dedicated, closed infrastructure- but today this level of openness poses a serious threat. In June, the North American Electric Reliability Council described how a worm brought down another network designed to allow operators to control parts of the grid in remote areas. Known as Supervisory Control and Data Acquisition systems, or SCADAs, these are heavily relied upon to keep grids running round the world. "It's a genuine problem," says Flynt. "We have to redesign the grid." Weiss says he has tried raising awareness of the issue in Congress. "We have spent a very large amount of money to secure the Internet and our IT infrastructure," says Weiss. "But there has been no money spent to protect [utility] control systems." Source: New
Scientist
•Date:
28th August 2003 • Region: N.America •Type:
Article •Topic: BC
general
|
