|Read the Digest in
You need the free
Thanks to This Month's Availability Digest Sponsor
In this issue:
Browse through our useful links.
See our article archive for complete articles.
Sign up for your free subscription.
Visit our Continuous Availability Forum.
Check out our seminars.
Check out our writing services.
Check out our consulting services.
Protecting Our Power Grids
We depend upon electricity. Except for outages caused by fallen trees near us, our power grid has been extraordinarily reliable. However, that may be about to change. As Ukraine recently experienced, hackers are now able to get into the control computers that manage our grids and cause untold damage.
The generating plants, transmission lines, and distribution substations that make up a power grid are monitored and controlled by SCADA (supervisory control and data acquisition) systems that were designed decades ago, long before the Internet. When they were first deployed, they communicated with their control centers via private networks. However, the Internet has made it more economical for them to communicate over public networks.
I have had years of experience in developing SCADA systems and continue to write specifications and case studies for my SCADA customers. Since hacking was unknown at the time, we designed and deployed these systems without much thought to security. As these systems began to use the Internet, security was added as an afterthought; and it was not always effective.
Now hackers easily can place malicious software into the SCADA systems to compromise our power grids and damage critical equipment. It is imperative that power grids around the world install intrusion-detection facilities so that hacking attacks can be detected and stopped before they can cause major damage.
Dr. Bill Highleyman, Managing Editor
Hackers disabled a major portion of Ukraine’s power grid on the afternoon of December 23, 2015. 230,000 customers were without power for six hours. Operators were able to restore power only by manually closing substation circuit breakers that had been tripped open by the attack.
After a great deal of forensic analysis, details now are forthcoming about how this attack was carried out. It began with a phishing campaign that compromised some of the operators’ computers. This allowed the hackers to study the topology of the power grid and to steal operator logon credentials. Using these credentials, the attackers logged onto the control systems and started opening circuit breakers, thus shutting down thirty power substations around Ukraine.
The attackers then installed malicious firmware into the Ethernet controllers of the control systems so that operators could not send remote signals to reset the circuit breakers. Personnel had to go into the field to the substations to close the hacked circuit breakers. It took six hours to restore power. Operators still are unable to control the circuit breakers remotely from their control centers until the hacked control systems are replaced.
A human error resulted in many customers of Australia’s telecommunications company Telstra losing all mobile, home phone, and digital services. Services were not restored for four hours.
The Telstra network provides 2G, 3G, and 4G mobile services as well as landline home-telephone services to 70% of Australia’s population. Customers are connected to Telstra’s network via ten connection points called “nodes.” The nodes provide a great deal of redundancy. Should a few nodes go offline, the remaining nodes can continue to operate as normal, providing all Telstra customers with continuing network services.
However, on February 9, 2016, one of the nodes in the Telstra network did not perform correctly. A Telstra engineer took down the node for maintenance, but he failed to follow the correct procedure for rerouting traffic. Rather than transferring the customers connected to that node to other operating nodes in the network, he reconnected them to the malfunctioning node.
Suddenly, 10% of Telstra’s customers – about 1.5 million businesses and individuals – were without mobile service or home telephone service. They could not access their data. They could not make calls, browse the Internet, or check social media.
The U.S. power grid is extraordinarily reliable. It comprises a nationally connected network of power substations that can be reconfigured rapidly to substitute power for any substation that fails.
Outages that last days or weeks are highly unusual, though they do happen. The worst-case scenario is an event that causes the destruction of an extra-high-voltage (EHV) transformer. They are monstrous and vary in their characteristics. Thus, spares are not readily available. It can take months to manufacture an EHV transformer; and because of its size, it can take weeks to transport it to the substation needing the replacement.
There are doomsday scenarios in which a major catastrophe can knock out significant portions of the U.S. power grid, destroying thousands of EHV transformers in the process and taking months or more to repair. During this time, large portions of the U.S. will be without power.
Fortunately, a recent initiative by the power industry has led to the design of a smaller transformer that can be combined with others of its size to replace a large EHV transformer. These smaller versions can be pre-manufactured and located near sensitive power substations as spares. If a large EHV transformer should be disabled, it can be replaced in days rather than in months.
HPE has released its 2016 Cyber Risk Report. Prepared by the HPE Security Research team, it is an extensive report (96 pages) that examines the vulnerabilities that leave organizations exposed to data breaches. It is no longer a question of ‘if’ an organization will be attacked but ‘when.’ The report provides insights into how security funds and personnel can be allocated better to counter the threats and to prepare a proper breach response. The report focuses on seven key themes:
Theme #1: The year of collateral damage.
Theme #2: Overreaching regulations push research underground.
Theme #3: Moving from point fixes to broad impact solutions.
Theme #4: Political pressures attempt to decouple privacy and security efforts.
Theme #5: The industry didn’t learn anything about patching in 2015.
Theme #6: Attackers have shifted their efforts to directly attack applications.
Theme #7: The monetization of malware.
In addition, the report describes bug-bounty programs that reward security researchers for the reporting of newly discovered vulnerabilities.
A challenge every issue for the Availability Digest is to determine which of the many availability topics out there win coveted status as Digest articles. We always regret not focusing our attention on the topics we bypass.
Now with our Twitter presence, we don’t have to feel guilty. This article highlights some of the @availabilitydig tweets that made headlines in recent days.
Sign up for your free subscription at http://www.availabilitydigest.com/signups.htm
Would You Like to Sign Up for the Free Digest by Fax?
Simply print out the following form, fill it in, and fax it to:
+1 908 459 5543
The Availability Digest is published monthly. It may be distributed freely. Please pass it on to an associate.
Managing Editor - Dr. Bill Highleyman firstname.lastname@example.org.
© 2016 Sombers Associates, Inc., and W. H. Highleyman