The Pentagon's plan to defend the power grid against hackers
The Pentagon's advanced research wing听is looking for ways听to safeguard America's most critical assets from attacks on the Internet 鈥 a network it helped create.
The Defense Advanced Research Projects Agency (DARPA), which听pioneered much of the technology underpinning听the Internet,听is planning to invest $77 million over the next four years to develop methods to help utilities detect and recover from cyberattacks, which experts say is a growing threat to small and large power operators alike.听
"What we鈥檙e really looking at is a high-impact, low probability event," says John Everett, program manager at the Information and Innovation Office at DARPA who is overseeing the initiative. But, says Dr. Everett, "DARPA鈥檚 mission is to create and prevent technological surprises."
As听electric power plants and other critical infrastructure facilities' increasingly rely on Internet-connected technologies and wireless communications, hackers appear to be uncovering new avenues to penetrate their networks. While cybersecurity experts have been warning about this for years, that threat gained new attention in the wake of last month's malware attack on a Ukrainian power plant and recent news reports of digital incursions at a small New York dam and at the major US听power producer Calpine Corp.听
In addition to those attacks, President Obama in October that emphasized the need to shore up US critical infrastructure facilities against attack.
"There is a lot of discussion about what the potential for risk is, but we鈥檇 like to really get to the technical bedrock and understand the extent and nature of that," said Everett.听
The program that was first announced in December will focus on three main areas of technological innovation: situation awareness, network isolation, and rapid forensic analysis. If utilities can quickly detect digital attacks, says Everett, it has a better chance of preventing physical damage from occurring.
To date, there's no clear, public evidence that a cyberattack has caused widespread physical damage to the grid, but experts say malware is regularly found on Internet-connected industrial control systems.
A recent听听by the cybersecurity firm Tripwire revealed that 82 percent of the oil and gas companies surveyed said they saw an increase in successful cyberattacks over the past year. More than half of the same respondents said the number of cyberattacks increased between 50 to 100 percent over the past month.
Still, it鈥檚 difficult to determine how serious these attacks are. Even if malicious hackers are able to gain access to a system, that doesn鈥檛 necessarily mean they know how to control it. A hacker would need a very detailed understanding of how a system operates in order to create an effect, one that could require an advanced degree in physics or engineering, experts say.听
"Anytime you open up a service and provide an interface to someone, a button to press or a way to push information into the system or take information out, you can probably develop a way to attack it,"听explains Rod Schultz, vice president of Rubicon Labs, a cybersecurity startup. "Those sources are being opened up by these new technologies and the attackers are going to test the waters. They鈥檙e just like little kids running around a classroom trying to see what they can get away with."
The same goes for green technology such as wind and solar power. Measures to make the grid more ecologically sustainable are opening new portals that could be breached. The German security researcher Maxim Rupp, for example, found that Web controls for certain models of wind turbines are听听to hacking. And while the grid was originally designed to push energy in one direction, solar panel installation increases vulnerability by transforming the grid into a two-way street and pushing energy back into the system.
Amid this changing energy landscape, awareness about the need to protect energy supplies from cyberthreats is spurring innovation.听In the Netherlands, for example,听听that would reconfigure the grid automatically after an attack to keep energy flowing. In this case, the European Union funded the research at a lab in Switzerland.听
In the US,听DARPA appears fully aware that the adoption of energy-saving tech such as smart meters can bring about vulnerabilities, too.听"With only a few million meters installed, maybe that鈥檚 not a huge threat today," says DARPA'S Everett. "But what happens if it proceeds over 10 years and most of the country is in that situation?"
While the government and the utility industry are clearly pouring more resources into听the security of听critical infrastructure facilities,听Tim Erlin,听director of IT security at Tripwire, warns the industry may need to move faster to defend against cyberthreats.
"Attackers continue to evolve their tools and techniques to defeat the protection controls that are put in place," he said. "The industry has to evolve to meet those new threats and defend against them."
听
