Sunday, May 22, 2011

Hackers don't do different things, they do the same things differently... (Part II)

2. Hacking into smart grids

A common misconception is that only an open network -- say, your corporate wireless LAN for visitor access -- is hackable.
"Stuxnet proved that it is relatively simple to cause potentially catastrophic damage" to an industrial control network, says Neustar's Joffe. 

          Even some nuclear plants and power grids have wireless networks for employees to use. According to Morehouse, another new attack point will be smart grids, which use electronic metering to streamline power management. Utility companies around the world have begun testing and rolling out smart meters to customers' homes and businesses. The technology, which can send data to and receive it from a central system, can also be very helpful for IT: You can open a console to see the power usage for one section of a building, for example.

          But smart grids might be vulnerable to attacks that would allow nefarious hackers to cut off electricity to homes and businesses and create other kinds of havoc. 

1)   One possible attack vector is a smart grid's communications infrastructure. For example, Morehouse says, a German utility company called Yello Strom uses a consumer smart grid system that works like a home automation kit -- the sensors report energy usage back to the central server via the user's home Wi-Fi network.
          Because of this, it is possible for end users to tap into their own networks and gain access to the substation used for delivering power. "Often it's the case that these types of networks are not properly segmented or protected," he says. "Once in, the attacker may be treated as a trusted user and have access to other areas. 
          Is there the potential that they could disrupt the substation or city? Absolutely. They may plant a back door that could allow the grid to be powered down at a particular time."

2)    Another concern is vulnerabilities in the smart meters themselves -- a problem that affects corporate smart grids as well. Researchers from Seattle-based security services vendor IOActive, for instance, discovered several bugs in smart grid devices that criminal hackers could exploit to access the smart grid network and cut power to customers.
          "Hackers use press releases to find out the technologies [used in corporate smart grids] and go back to the infrastructure and find vulnerabilities."

          The most effective preventive measure is rigid isolation -- a smart grid should not touch any other network, ever. He says there is an urgent need for penetration testing and making sure the firewall in a closed network is secure because of the possible dangers of gaining access to the power grid. He advises using tools such as Core Impact and Metasploit.

          The "rigid isolation" rule applies to home users as well. "Consumers should never bridge smart grid networks with their home networks," says Morehouse. He also advises home users to become familiar with their smart meters so they can recognize whether they have been tampered with, and to ask their utility providers what security measures are in place to protect the meters and network.
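
One way to check the "rigid isolation" rule against an inventory, as an added example that is not part of the original post. The grid subnet, host names and firewall rules are constructed sample data, and the three-field rule format is an assumption.

```python
import ipaddress

# Constructed sample data (assumption): the metering segment, a host
# inventory with the addresses bound to each host, and firewall rules
# written as (action, source CIDR, destination CIDR).
GRID_NET = ipaddress.ip_network("10.50.0.0/16")
HOSTS = {
    "meter-gw-01": ["10.50.1.10"],
    "hist-01": ["10.50.2.20", "192.168.10.5"],      # dual-homed
    "office-pc-7": ["192.168.10.44"],
}
RULES = [
    ("allow", "10.50.0.0/16", "10.50.0.0/16"),     # stays inside the grid
    ("allow", "192.168.10.0/24", "10.50.2.0/24"),  # office -> grid
    ("deny", "0.0.0.0/0", "10.50.0.0/16"),
    ("allow", "10.50.3.0/24", "0.0.0.0/0"),        # grid -> anywhere
]

def bridging_hosts(hosts, grid=GRID_NET):
    """Hosts holding one address inside the grid segment and one outside it."""
    found = []
    for name, addrs in hosts.items():
        inside = [ipaddress.ip_address(a) in grid for a in addrs]
        if any(inside) and not all(inside):
            found.append(name)
    return sorted(found)

def crossing_rules(rules, grid=GRID_NET):
    """Allow rules that let traffic cross the grid boundary.

    Rule order (first match wins) is ignored on purpose: under rigid
    isolation no allow rule should span the boundary at all.
    """
    found = []
    for action, src, dst in rules:
        if action != "allow":
            continue
        s, d = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        both_inside = s.subnet_of(grid) and d.subnet_of(grid)
        neither_touches = not (s.overlaps(grid) or d.overlaps(grid))
        if not (both_inside or neither_touches):
            found.append((src, dst))
    return found

if __name__ == "__main__":
    print("bridging hosts:", bridging_hosts(HOSTS))
    print("boundary-crossing allow rules:", crossing_rules(RULES))
```
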
