By Terri Williams
Cybersecurity researchers are warning that electric grid infrastructure could be at risk from the microprocessor vulnerabilities that dominated the news earlier this year.
The two vulnerabilities, Meltdown and Spectre, are chip flaws that allow attackers to capture sensitive information stored in the memory of other running programs, such as passwords and encryption keys. The Meltdown vulnerability affects Intel and Qualcomm processors as well as one version of the ARM chip. The Spectre vulnerability affects Intel, Qualcomm, ARM and AMD chips.
Revealed in January, these bugs can affect desktops, laptop, smartphones and other mobile devices and wreak havoc on consumers and businesses alike, but one major concern is their potential to harm the country’s infrastructure.
“Meltdown breaks the most fundamental isolation between user applications and the operating system,” the Department of Homeland Security Computer Emergency Readiness Team wrote in a report on the vulnerabilities. “This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.”
Regarding Spectre, the report states, “Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.”
Both Meltdown and Spectre are considered medium-level security threats, according to Antonio Soliz, public affairs officer in the office of external affairs at National Protection and Programs Directorate at DHS. There are no known instances in which Meltdown and Specter have caused problems, but because they operate so stealthily, it would be difficult to detect an attack.
Multiple threats against the grid
Larry Pileggi, professor of Electrical and Computer Engineering at Carnegie Mellon’s College of Engineering and an expert in power grids and electrical power systems, said hackers could absolutely use the vulnerabilities to attack the grid – and it wouldn’t be the first time the grid was targeted.
While Meltdown and Spectre represent the latest vulnerabilities that could threaten the grid, they are far from the only threats, Pileggi explained. In 2014, Symantec published a report detailing several known attacks against the energy sector.
“Any computing system or ‘chip’ that is part of a computing system can be hacked, which could be used to cause the grid to collapse,” said Pileggi. “This can be done, for example, by causing a power generation plant to ‘see’ data that is not real, thereby changing the power that is generated and creating a situation where the grid cannot properly operate.”
According to Pileggi, a well-known example of this type of hack occurred on the Ukraine grid during the invasion by Russia.
In the attack on Ukraine, hackers gained access to IT infrastructure using malware, took over the SCADA distribution management system, knocked several substations offline, interfered with the backup power at two distribution centers and prevented customers from calling the customer call center to report outages. The attack affected 230,000 people for a duration of three to six hours.
Limiting pervasive cyberattacks
In the event of a power outage caused by a cyberattack, microgrids are viewed as a way to limit its effect. However, according to a report by Accenture, they are also vulnerable to cyberattacks.
So, what’s the solution? “Better modeling and design of a grid that provides resilience to failure,” Pileggi said. “Better modeling, more collection of data that can provide continual assessment of the current state of the grid, and early identification of anomalies or vulnerabilities.”