Smart Grid Attack Scenarios
This is the third (and last) in a series of posts looking at the threats surrounding smart grids and smart meters. In the first post, we introduced smart meters, smart grids, and showed why these can pose risks. In the second post, we looked at the risks of attacks on smart meters.
In this post, we’ll look at the risks when smart grids are attacked. Smart grids pertain to an electric grid with digital information/communication capabilities for recording information on both consumers and suppliers. What differentiates an attack on a smart grid from an attack on a smart meter? Simply put, scale: an attack on a smart grid affects many more users than an attack on an individual meter. The potential for damage is proportionately much more significant.
However, this also means that the attack surface is different. Not only can the smart meters be attacked, but the servers at the utility that controls the smart meters can also serve as an attack vector. However, these servers can also be defended with tools used to defend against targeted attacks.
Perhaps the most obvious smart grid attack scenario would be: extortion. An attacker would take control of the smart grid in order to disrupt the provided services. The attacker might even choose to “update” the firmware on the devices if they choose to, making the attack more difficult to completely mitigate. Either way, the goal of the attacker would be to cause disruption in the service in order to get money out of the local utility company or government. Alternately, the chaos itself may be the goal, either for political reasons or to distract local law enforcement from other crimes going on at the same time.
One slightly more subtle attack against the smart grid would be a denial of service attack. How would the smart grid cope with corrupt data? This data can either be completely corrupt (incorrect format and content), or perhaps the corrupted data could have the correct format, but incorrect or crorrupt data. Either way, like buffer overflows on other piece of software, vulnerabilities in servers may also pose a risk to the grid as a whole.
Figure 1. Denial of service attack targeting an entire grid
(A screenshot from our video highlighting attack scenarios)
An attack with less dire consequences would be meter tampering. It is very possible for smart meters to be tampered with – in fact, it’s already happened in Malta. As all the reading is “electronic”, it’s trivially easy to modify the readings of the meters. Modify the reading too much and the discrepancy becomes too obvious, but a small modification might not raise eyebrows much.
We raise these scenarios not because we want to frighten people, but to raise awareness against them. It is possible to defend against these attacks – by designing the systems with security in mind, by ensuring that the appropriate custom defense solutions are in place, etcetera. However, these can only be put in place if people recognize that the threat does exist.
You can read the previous blog posts on smart meters here:
Post from: Trendlabs Security Intelligence Blog – by Trend Micro
Read more: Smart Grid Attack Scenarios