Hackers could easily cause electric power plants to shut down, malfunction or even overheat because of vulnerabilities in software, say experts who have been studying vulnerabilities in servers.
Hackers also could shut down sections of the grid and cause power outages.
Computer experts Adam Crain, Christ Sistrunk and Adam Todorski identified 25 different vulnerabilities in the protocols that enable components of the power grid to communicate.
“Every substation is controlled by the master, which is controlled by the master,” Sistrunk said of the power grid. “If you have control of the master you have control of the whole system, and you can turn on and off power at will.”
The three conducted an extensive evaluation of server security called Project Robus for the industry consulting firm Automatak.
The discoveries they made indicate the grid is far more vulnerable to hacking and cyber-attacks than was previously believed.
The grid’s vulnerability to hacking
Here’s a short rundown of what malicious hackers could do to the grid using the vulnerabilities uncovered by Project Robus:
- Send a server into an infinite loop which would prevent plant operators from monitoring or controlling operations. That could cause a steam power plant to overheat or even explode.
- Inject code into a server which would enable the hacker to open and close breakers at substations. Opening and closing breakers would cause power outages.
- Make it impossible for technicians operating the power grid to see what’s actually going on.
- Make it impossible for the grid’s operators to turn off power plants or to switch to backup power sources.
- Send misinformation to servers which will cause them to malfunction.
The vulnerabilities involve DNP3, the protocol that controls most servers at utilities in the United States and Canada, the study said. Sistrunk and his team have worked with vendors to create patches to fix the problem. Unfortunately, many utilities have not used the patches.
“We found vulnerabilities in virtually all implementations, Sistrunk said of DNP3.
The grid is easier to hack than you think
There are many different ways that a hacker could take advantage of the vulnerabilities. Crain noted that it would be easy for hackers to get into the servers through the WiFi networks that many utilities use.
Hackers could transmit a false message containing Malware designed to exploit the vulnerabilities to the wireless networks. Methods for cracking the encryption of such wireless networks were publicly demonstrated at a recent Black Hat cyber security conference.
Another way hackers could get into a network would be to simply break into an electrical substation and connect a laptop or tablet to the network. Crain noted that many remote electrical substations have little or no security.
A hacker using WiFi wouldn’t even have to break into the substation. All he would have to do is use a laptop hooked to a transmitter to send a message to the utility’s wireless network.
Crain and his team have submitted their findings to the Department of Homeland Security’s Industrial Control System CERT.
Project Robus is simply the latest report exposing the power grid’s vulnerability to cyber-attacks. As previously reported by Off The Grid News, the American Society of Civil Engineers gave the grid a D-Minus in cyber-security earlier this year.