From ABS CBN News, 7-16-14
‘Smart’ technology could make utilities more vulnerable to hackers
By Christoph Steitz and Harro Ten Wolde, Reuters
Smart meters and other new technology pose new risks
FRANKFURT – Last November, Felix Lindner came very close to shutting down the power supply of Ettlingen, a town of almost 40,000 people in the south of Germany.
“We could have switched off everything: power, water, gas,” Lindner, head of Berlin-based Recurity Labs, an IT security company, said.
Fortunately for residents, Lindner’s cyber attack on its energy utility, Stadtwerke Ettlingen, was simulated. But he revealed how easy it was to hack into the utility’s network through its IT grid, which gave him access to its control room.
“The experiment has shown that sensitive, critical infrastructure is not sufficiently protected,” said Eberhard Oehler, managing director of the utility, Stadtwerke Ettlingen.
Cyber attacks on infrastructure have become a major worry for utilities following the 2010 Stuxnet computer virus, which experts believe was used by Israel and the United States to make some of Iran’s nuclear centrifuges tear themselves apart.
The threat has been reinforced in recent months by the appearance of a computer virus known as the Havex Trojan, which hackers appear to have used to attack oil and gas firms.
Traditionally, energy utilities have kept infrastructure like power plants safe from cyber attack by keeping it separate from the open Internet.
But that is rapidly changing as a new generation of “smart” power meters hooks up customers to their utilities through the web, and new forms of solar and wind microgeneration supplement traditional centralised power stations.
“The risk is being underestimated outside of the industry,” Oehler said…
“We can identify three risks: outright sabotage; external, illegal control; and criminals that want to earn money with it,” said Udo Helmbrecht, executive director of the European Union Agency for Network and Information Security (ENISA).
The University of Cambridge said in a report that smart meters raised “several serious security issues” such as fraud through manipulated meter readings, misuse of private customer data and a threat of power outages through a large cyber attack.
Data-hubs which collect information coming from smart meters and transmit it to the utilities, including via mobile connections, could be especially vulnerable.
Excerpts used under Fair Use Rules.