W

O

O

orcester

pts

ut

Tell National Grid:

"Remove my

 'smart' meter!"

Call them at

855-377-7627

Security:  Power Grid May Be Cyber Hacked, Taken Down


     We all know what computer viruses can do.  Consequences, like data loss, are usually limited to our own devices and sometimes our networks are slowed or stopped.
But what if automation software that controls power plant machinery is "infected"?

     Vulnerability of the power grid to hacking is a big concern:  The grid or parts of it can be caused to fail or shut down by deliberately exploiting abilities of components to be controlled remotely.  Shutdown could also be induced by causing failure of sensitive electronics or accidentally by electrical storms.  There had recently been at least three "worms", known to the NSA, [218] on the Industrial Control system, the hardware and software that operate and control the electrical grid.  The National Research Council (NRC) in 2012 concluded that well-informed terrorists could black out a large region of the country for weeks or even months. [218a] 

     Our new President said grid security would be prioritized and doing so will not be a moment too soon.  Known malware that allowed the Ukrainian grid to be hacked just before Christmas, 2015 is also present on US systems and cannot be removed.   On one hand is a sense of urgency to prepare for the aftermath of a takedown but what saves us are the remains of some 3000 nonstandard or yet-to-be-integrated systems, making a blanket blackout less likely. [219] 

 

Power Grid Has Already Been Cyber Hacked!

     In 2012 and 2013 Russian hackers successfully sent and received encrypted commands to US power utilities and generators.  A Cylance security researcher was investigating theft by hackers who had stolen UC Santa Barbara's housing files and stored them on seven unencrypted file-sharing servers when he discovered that cyber attackers had also breached the US power grid networks.

     Cylance security found files on those servers with passwords as well as detailed engineering drawings of dozens of power plants.  Experts think skilled attackers could use them, along with other tools and malicious code, to knock out electricity flowing to millions of homes.  The files had been stolen from an outside contractor to Calpine Corporation, which owns 84 power plants.  Persian comments would seem to indicate Iranian hackers but officials can't say with certainty.  Cylance also found code to spread key-logging malware without traceback and code to mask the attackers' original Iranian IP addresses.  Attackers have successfully used the hundreds of outside contractors

that sell software and equipment to energy companies as a way to get inside networks tied to the grid. [220]  These compromises have not caused blackouts or equipment damage in the US - so far.

      But the day after the AP story broke, over 80,000 customers lost power in the Ukraine just before Christmas, 2015 in what is described as the first cyber attack on

an electrical grid[221]  In that case the scoundrels used three methods:  a computer virus allowed hackers to find the operator consoles so they could remotely open the breakers at 30 substations, cutting the power; secondly they disabled the operator nodes so that service had to be restored by going out to the stations to reset the breakers on site; thirdly a "Telephone Denial of Service" attack on the company's call

center - from Russia.  The computer virus also erased evidence of it's being in the company's systems.  Because workers were able to manually override the network they were able to restore service in only three hours.


 


 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

 


 

Former CIA Director James Woolsey, speaking of the current state of the nation's electric grid and its vulnerabilities, says the federal government's oversight of grid security is inadequate and attacks on the grid are "entirely possible. ​​


     This could have been a lot worse.  In 2007 a 2 megawatt generator was experimentally caused to fail by sending commands to open and close its breakers rapidly.  This action caused the generator to lose synchronization with the 60 hertz current of other generators and blow apart catastrophically. [223]  CNN has a downloadable Windows Media Player video. [223b] 

 

Smart Meters Can Also Be Hacked

     Termineter, a smart meter hacking tool was released In 2012.  It was designed and intended for power company experts to assess their system's vulnerabilities but is an open-source code and freely available to anyone else assuming they can understand the inner digital workings of a smart meter.  If so enabled and inclined, one could put the software to malicious use. [224]  The FBI in 2010 noted meters in Puerto Rico were being exploited to under report usage and warned this would spread as the smart grid was spreading. [225] 

     David Winters, commenting on a Toronto Sun article on smart meter fires added, "...they were hacked within two weeks of becoming public...one demonstration showed how a laptop could wirelessly connect to a meter and spoof the address of the meter then send the bill to the nextdoor neighbor...this was reported in the news then somehow it became hushed up and the meters got installed anyway.  The utilities also did not inform people that they added a hidden 70 cent per month rental charge on the meters and there is a small heater in the meters to keep the electronics warm in cold weather...the customer is paying for the cost of heating the meter so the liquid crystal display works in cold weather." David also said, "Wireshark has been used to packet sniff a meter's transmitted data and get into its security program." [202d] 

     The currently installed "fleet" of Smart Meters communicate using encryption that is not upgradeable at this time.  This alone might not be as problematic if they only used secure channels that could not be monitored or entered through increasing numbers of legitimate access points like other meters, multiple small solar and wind installations, etc.  More problematic is that for portion(s) of its path, data may be transmitted between devices over the Internet. [225a] 
    Vendors have responded with password protection and encryption to deter reading data and modifying a meter's reportage of usage.  Yet a pair of European researchers revealed in 2014 how they reverse engineered and found weaknesses in a broadly deployed brand of encrypted smart meter letting them "commandeer the devices to shut

down power or perform electricity usage fraud over the power line communications network."

The particular meters used the same pair of encryption keys, that, once discovered by

an attacker, could easily sniff data or inject commands into the meter and other meters on that network. "You didn't need any tools to trigger the vulnerabilities we found.[226] 

     Meter manufacturers continue to make encryption schemes still more elaborate in order to stay ahead of hackers:  The Elster brand of meters use layered security and multiple passwords for access over the local optical port.  Additionally, a would be

hacker needs extensive knowledge of internal utility-specific configuration tables that are custom set at the factory and that are unavailable even to the utility.  Failed intrusion

attempts (both by optical port and by radio) are logged and reported to the utility.  [227]  Yet this cat & mouse game will never end.

      Crackers (malicious hackers) have taken to exploiting vulnerabilities in "dumb" IoT (Internet of Things) devices.   Legions of consumer-connected devices can be organized into botnets by malware.  One way is to program these to swamp or overload the IP address of a server(s) that a hacker wishes to disable in what is known as a "Distributed Denial Of Service" attack and Smart Meters, even if using encrypted communications, can be reverse-engineered to be utilized in DDOS attacks as well as for causing malfunctions on the grid or by mis-reporting usage, etc. [227a]   

 

Physical Attacks on Grid, Infrastructure

     Industry and government regulators have been aware of the possibility of Cyber Attacks on critical parts of the power grid since the early 2000s.  "Government officials claimed in 2002 that they had uncovered evidence that members of al Qaeda had explored vulnerabilities in SCADA systems in order to conduct such attacks on utilities." [228]  Recommendations for industrial control systems were made in 2006. [228a]  Most SCADA systems, the switching gear for matching the number and powers of generators, transformers, etc. with ever-changing loads, are closed-loop systems.  SCADA and industrial control systems, with their traditional reliance on proprietary networks and hardware, have long been considered immune to the kinds of cyberattacks that can plague corporate information systems.  The future-goal is to connect them to the Internet to expand the flexibility for remote control but doing so could broaden their exposure to externally launched attacks, [228b] 






















 


 

  

     A simulated cyber attack was conducted in March, 2007 by the Idaho National Laboratory for DHS that exploited a programming vulnerability in SCADA systems (Supervisory Control and Data Acquisition systems), the computer systems that control electric, water and chemical plants throughout the U.S. The test was intended to show how a remote digital attack by hackers could cause real-world damage beyond the computer used to conduct the attack." [228c]  video: [228d]

     In a methodically pre-planned physical attack on a substation near San Jose, CA., phone lines to that facility were cut in a nearby underground vault then the snipers shot out 17 transformers in April, 2013.  The rifle fire lasted 19 minutes until signalled by flashlight to stop.  The gunmen disappeared the minute before police arrived.

     Workers scrambled to divert power from elsewhere to keep Silicon Valley's power

from nearly being knocked out - even at 1 am.  As it is there are few if any spare

transformers and replacing the giant units took nearly a month.  If this had occurred

during peak air-conditioning season then customers would have been out of power for as long as it took to repair the damage.  The only report of this by a major publication broke ten months later in the Wall Street Journal [229b] then echoed by the L.A. Times.[229a],  That news only came to light through a concerned federal employee:


"The attack was "the most significant incident of domestic terrorism

involving the grid that has ever occurred" in the U.S., said Jon Wellinghoff,

who was chairman of the Federal Energy Regulatory Commission at the time."[229]


     No suspects have ever been apprehended or charged.  While the FBI downplayed the role of terrorism, a former official at PG&E (Metcalf' substation owner), told an industry gathering in November, 2013 he feared the incident could be a dress rehearsal for something bigger.  Piles of small rocks were found afterwards, apparently to mark the spots for the most damaging hits.

     Dr. Peter Vincent Pry was on the Congressional Electromagnetic Pulse Commission that was charged with studying all EMP threats that could threaten America.  He said calling the San Jose substation attack a “dry run” is on-the-mark:  “If it was a terrorist attack, the electric power industry and the media are almost certainly in error to describe it as a ‘failed attack,’” he told TheBlaze.  “In military and terrorist operational planning, an exercise or dry run deliberately stops short of destroying the target or achieving the maximum outcome because you do not want to alert the adversary,” Pry said. “You want the victim to remain vulnerable to a surprise all-out attack, most likely a much larger and more ambitious attack.[229b]

     A near catastrophe occurred in a substation serving 30,000 Nogales AZ customers near Tucson in June, 2014.  A hole had been cut in the fence and the remains of a crude incendiary device was found at the base of a 50,000 gallon diesel fuel tank.  according to a UniSource Energy Services official. [230] 

     An IRA terror cell almost blew up six London substations back in 1996.  The plot

would have blacked out millions of homes and businesses for many months throughout London and most of southeast England but was foiled by police and an MI5 operation. [231][231a][231b]  Police found thirty seven bombs in raids in which six of eight members of the terrorist unit, including a former US Marine, were arrested in July, '96. 























David Chalk, cyber defense expert, says there's not a power meter or other smart device on the grid that is protected from hacking; to being caused to shut down, damaged or completely annihilated by some Trojan Horse ... SIMULTANEOUSLY!  That includes Generators; Transformers; Whole Power Plants; ... that are super expensive and can't be readily replaced ... can be taken down simultaneously.  (8:15)




Cyber Security Info Graphic

From Jones Oil of Ireland, by way of

https://nomasssmartmeters.wordpress.com/cybersecurity-issue/ 
an Easy To Read Info Graphic on how the Smart Grid / Smart Meters can be hacked.

Hacking can affect not only your home but parts of the electric grid as well; parts that

can be very large, very expensive and not readily repairable or replaceable.

"Hardening" the Power Grid Against EMP

     Besides being prone to cyber attack the U.S. Grid could be taken down by an EMP (ElectroMagnetic Pulse) from a high-altitude nuclear bomb or from high plasma release from the sun.  In 2014 The Shield Act was introduced to the 113th Congress but no vote was taken on it.  https://www.govtrack.us/congress/bills/113/hr2417/text
     If you lost electricity for a day it would be an inconvenience.  If you lost electricity for a year it would be a disaster.  An electrical magnetic pulse (EMP) either from the Sun or a man made weapon would damage or destroy every electrical device in its path.  No power, cell phones, radios, electronics, backup generators, automobiles, nothing with transistors, etc.  That would also include the new digital electronic Smart Meters.  The world we know would go dark.
     The electrical grid of the USA IS VULNERABLE TO THIS DAMAGE.  The electrical grids of Russia and China are not.  They have hardened their grids against EMP and so should we.  HR2417 authorized the work required to protect the electrical grid of the United States from damage and disruption of power caused by natural and man made electrical EMP.
     The last natural occurrence of an EMP from the Sun occurred in 1859 and disrupted the only electrical devices in wide use at that time, The Telegraph, and according to scientists we are overdue for another such an event.
     Man made EMP weapons are available to the enemies of the USA and are less expensive and easier to employ than more deadly weapons.
     Our safety, security, and standards of living depend upon electricity being available 24/7.  This bill, HR 2417, was not voted on in the 113th Congress.  It should be reintroduced and brought to a vote by the present 114th Congress.  Read text here:  
https://www.govtrack.us/congress/bills/113/hr2417/text.
     Please contact your congressional representatives and friends; ask them to re-introduce & support the passage of HR2417.  Our National Security depends on it.

 

------------------------------


218    “Cybersecurity Issues for the Bulk Power System,” Congressional Research Service,

           June 10, 2015  http://www.fas.org/sgp/crs/misc/R43989.pdf 

218a  Testimony - Blackout! Are we Prepared to Manage the Aftermath of a Cyber-Attack or Other

           Failure of the Electrical Grid?, Congressional Research Service, April 11, 2016

           http://transportation.house.gov/uploadedfiles/2016-04-14-campbell.pdf

219    The Grid, by FULL MEASURE STAFF, SUNDAY, DECEMBER 25TH 2016
           http://fullmeasure.news/news/government-accountability/the-grid-12-25-2016
220    AP Investigation: US power grid vulnerable to foreign hacks, Garance Burke and

           Jonathan Fahey, Dec. 21, 2015

           http://bigstory.ap.org/article/c8d531ec05e0403a90e9d3ec0b8f83c2/ap-investigation-us-power-grid-vulnerable-foreign-hacks 

221    Everything We Know About Ukraine’s Power Plant Hack, Wired, Kim Zetter, 1/20/16

           http://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/ 

222    CIA Director calls Smart Grid Really Stupid - Security - Smart Meters
           
https://www.youtube.com/watch?feature=player_embedded&x-yt-ts=1421914688&v=rIFD1sUTGX8&x-yt-cl=84503534   (1min.)

223    https://en.wikipedia.org/wiki/Aurora_Generator_Test   

​223a  http://www.cnn.com/2007/US/09/27/power.at.risk/index.html   

​223b  video:  https://muckrock.s3.amazonaws.com/foia_files/aurora_high_res.wmv  (3 min.)

224    Smart meter hacking tool released , ZDNet, by Emil Protalinski for Zero Day, 7/22/2012

           http://www.zdnet.com/article/smart-meter-hacking-tool-released/

225    Smart Grid Electric Meters Altered to Steal Electricity,  FEDERAL BUREAU OF
           INVESTIGATION INTELLIGENCE BULLETIN Cyber Intelligence Section, 27 May 2010
           
https://patriotsandpaulies.wordpress.com/2012/08/16/5-hacks-that-render-smart-meters-dumb/ 

202d  Thousands of smart meters ordered removed in Ontario, by Antonella Artuso,
           Qeen's Park Bureau Chief, Toronto Sun, January 22, 2015 
           
http://www.torontosun.com/2015/01/22/thousands-of-smart-meters-ordered-removed 

225a  U.S. Power Grid Being Hit With ‘Increasing’ Hacking Attacks as Smart Meter Deployments
           Continue
Smart Grid Awareness, June 24, 2015
           
http://smartgridawareness.org/2015/06/24/increasing-hacking-attacks-as-smart-meter-deployments-continue/

226    Smart Meter Hack Shuts Off The Lights by Kelly Jackson Higgins, InformationWeek /

           DarkReading.com, October 1, 2014

           http://www.darkreading.com/perimeter/smart-meter-hack-shuts-off-the-lights/d/d-id/1316242 

227    Deterrent and detection of smart grid meter tampering and theft of electricity, water,

           or gas by Jeff McCullough, Elster Solutions in Raleigh, NC.

           http://www.elstersolutions.com/assets/downloads/WP42-1010A.pdf  

227a  The Dangers of Smart Meters,  By Carl  Weinschenk, Energy Manager Today, 1/10/17

           http://www.energymanagertoday.com/dangers-smart-meters-0129651/

228    https://www.wired.com/2007/09/simulated-cyber/

228a  Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control

           Systems Security Recommendations of the National Institute of Standards and

           Technology; By Keith Stouffer, Joe Falco, Karen Kent; NIST Special Publication 800-82,

           U.S. Department of Commerce, Technology Administration, National Institute of

           Standards and Technology, September 2006

           https://www.dhs.gov/sites/default/files/publications/csd-nist-guidetosupervisoryanddataccquisition-scadaandindustrialcontrolsystemssecurity-2007.pdf 

228b  Simulated attack points to vulnerable U.S. power infrastructure, By Jaikumar Vijayan,

           Computerworld, Sep 28, 2007 

           http://www.computerworld.com/article/2541225/security0/simulated-attack-points-to-vulnerable-u-s--power-infrastructure.html 

228c  Simulated Attack Shows U.S. Vulnerabilities, By Jaikumar Vijayan, Computerworld,

           Sep 28, 2007    http://www.pcworld.com/article/137845/article.html

228d   CNN Video:  Staged cyber attack reveals vulnerability in power grid, Sep 27, 2007

           https://www.youtube.com/watch?v=fJyWngDco3g 

229    Assault on California Power Station Raises Alarm on Potential for Terrorism April Sniper
           Attack Knocked Out Substation, Raises Concern for Country's Power Grid,
           By REBECCA SMITH, Wall Street Journal, February 5, 2014

           http://www.wsj.com/articles/SB10001424052702304851104579359141941621778 

229a  Attack on electric grid raises alarm, Los Angeles Times, By Evan Halper and Marc

           Lifsher,  February 06, 2014
           
http://articles.latimes.com/2014/feb/06/business/la-fi-grid-terror-20140207
229b  Elizabeth Kreft, Chilling: Why An Underreported, ‘Significant Incident of Domestic

           Terrorism’ Might Not Be a Failed Attack at All, TheBlaze, Apr. 2, 2014

           http://www.theblaze.com/stories/2014/04/02/how-has-the-most-significant-incident-of-domestic-terrorism-involving-the-enery-grid-gone-largely-unreported-for-10-months/

230    Elizabeth Kreft, Another Attack Discovered at an Electricity Substation Near the Border—

          and One Congressman Says It’s ‘Only a Matter of Time’ Before More Attackers ‘Exploit

          This Vulnerability’, TheBlaze, Jun. 16, 2014

          http://www.theblaze.com/stories/2014/06/16/another-attack-discovered-at-an-electricity-substation-near-the-border-and-one-congressman-says-its-only-a-matter-of-time-before-more-attackers-exploit-this-vulnerability/ 

231    Who controls the off switch? Ross Anderson & Shailendra Fuloria, Computer
           Laboratory, 15 JJ Thomson Avenue Cambridge University, England,
           
Ross.Anderson@cl.cam.ac.uk & Shailendra.Fuloria@cl.cam.ac.uk
           
http://www.cl.cam.ac.uk/~rja14/Papers/meters-offswitch.pdf 

231a  How IRA plotted to switch off London by Jason Bennetto Crime Correspondent,  4/11/97

          http://www.independent.co.uk/news/how-ira-plotted-to-switch-off-london-1266533.html 

231b  Britain Convicts 6 of Plot to Black Out London, Warren Hoge, New York Times,

           July 3, 1997

           http://www.nytimes.com/1997/07/03/world/britain-convicts-6-of-plot-to-black-out-london.html 

232    Cyber expert on smart grid: massive vulnerability, who's accountable?, David Chalk  (8:15)

           https://www.youtube.com/watch?x-yt-ts=1421914688&x-yt-cl=84503534&v=2c1sadZCO60

233    http://fullmeasure.news/news/government-accountability/the-grid-12-25-2016 

234