Tag Archive for: Grid

China is hacking Wi-Fi routers for attack on US electrical grid and water supplies, FBI warns • Graham Cluley



Got two-and-a-half hours to spare?

Maybe instead of settling down to watch “Mission: Impossible – Dead Reckoning Part One”, you could check out this video where FBI director Christopher Wray warned the US Congress earlier this week of the risks posed by Chinese state-sponsored hackers.

As Wray described to the House select committee on the Chinese Communist party, a botnet operated by the Volt Typhoon hacking group has been disrupted by law enforcement agencies.

The “vast majority” of affected routers are out-of-date Netgear and Cisco gear that are deemed to have reached their “end of life” and are no longer receiving security updates.

The routers were vulnerable to being recruited into Volt Typhoon’s so-called KV botnet if left unpatched. However, a court-approved US operation has deleted the malware from affected routers and taken steps to prevent reinfection.


According to the FBI’s Wray, Volt Typhoon is compromising small business and home office routers to hide the origin of future Chinese-backed cyber attacks.

“China’s hackers are targeting American civilian critical infrastructure, pre-positioning to cause real-world harm to American citizens and communities in the event of conflict. Volt Typhoon malware enabled China to hide as they targeted our communications, energy, transportation, and water sectors.”

Committee chairman Mike Gallagher said the attacks were the “cyberspace equivalent of placing bombs on American bridges, water treatment facilities and power plants.”

Although it’s a headline-grabbing thing to say, there is some truth in it. We have seen cyber attacks by nation-states against water facilities and electricity grids in the past. If successful, such attacks could have a significant impact.

Russia, for instance, managed to cut off internet access for tens of millions of Ukrainians, and in a separate cyber attack disrupted the power grid in the war-torn country.

“There is no economic benefit for these actions. There is no intelligence-gathering rationale,” continued Gallagher. “The sole purpose is to be ready to destroy American infrastructure, which will…


US grid rules preclude reliability, security benefits of cloud computing, experts warn


Cloud technologies could provide significant cost, security and reliability benefits to the U.S. electric grid but critical infrastructure rules do not allow them to be used for certain larger assets, multiple speakers said Thursday at the Federal Energy Regulatory Commission’s annual reliability conference.

The Critical Infrastructure Protection rules, or CIP, are managed by the North American Electric Reliability Corp. and currently require grid asset owners to have certain control or knowledge of the devices operating their software. Cloud computing makes that difficult or impossible, experts agreed, in particular for what are known as high- or medium-impact grid assets.

Current NERC standards “do not provide clear guidance” on how regulated entities can implement new technologies that may not have been envisioned by the current CIP rules, Joseph Mosher, portfolio manager at EDF Renewables, told the commission. “Attempts to incorporate newer technology into the NERC CIP standards can be painful and time consuming,” he said.

Experts expressed concerns over the outdated CIP rules, at a time when grid officials say they face growing threats.

“One can definitely make the argument that the grid is less secure today than it would be” if cloud computing solutions were allowed, “and that gap is growing every day,” security consultant Tom Alrich said. “This is the biggest problem with NERC CIP today.”

A related problem — that important information about those systems can’t today be stored in the cloud — will be fixed beginning next year when two revised CIP standards come into effect, he said.

A sector under attack

The cyber threat to the electric power sector is growing, and grid officials say they must utilize new tools to counter it.

“The electricity sector is under constant attack by nation states and organized criminals. We see billions of attempts a day to survey our networks, identify vulnerabilities or gaps in protection, steal credentials or data, or exact a ransom,” Manny Cancel, senior vice president and CEO of the Electricity Information Sharing and Analysis Center, told regulators…


EV Charger Hacking Could Imperil the Security of the Power Grid – Mother Jones



This story was originally published by Grist and is reproduced here as part of the Climate Desk collaboration. It was co-published with Climate Desk partner Wired.

With his electric Kia EV6 running low on power, Sky Malcolm pulled into a bank of fast-chargers near Terre Haute, Indiana, to plug in. As his car powered up, he peeked at nearby chargers. One in particular stood out.

Instead of the businesslike welcome screen displayed on the other Electrify America units, this one featured a picture of President Biden pointing his finger, with an “I did that!” caption. It was the same meme the president’s critics started slapping on gas pumps as prices soared last year, cloned 20 times across the screen. 

“It was, unfortunately, not terribly surprising,” Malcolm said of the hack, which he stumbled upon last fall. Such shenanigans are increasingly common. At the beginning of the war in Ukraine, hackers tweaked charging stations along the Moscow–Saint Petersburg motorway in Russia to greet users with anti-Putin messages. Around the same time, cyber vandals in England programmed public chargers to broadcast pornography. Just this year, the hosts of YouTube channel The Kilowatts tweeted a video showing it was possible to take control of an Electrify America station’s operating system. 

While such breaches have so far remained relatively innocuous, cybersecurity experts say the consequences would be far more severe at the hands of truly nefarious miscreants. As companies, governments and consumers sprint to install more chargers, the risks could only grow.

In recent years, security researchers and white-hat hackers have identified sprawling vulnerabilities in internet-connected home and public charging hardware that could expose customer data, compromise Wi-Fi networks, and, in a worst-case scenario, bring down power grids. Given the dangers, everyone from device manufacturers to the Biden administration is rushing to fortify these increasingly common machines and establish security standards.

“This is a major problem,”…


Keeping Hackers Off the Electrical Grid | News


ORNL researchers showed how to encode grid operating data into a unique color pattern hidden inside a single video frame, which can be transmitted to a grid control center computer using a Fibonacci sequence to encode/decode each sensor reading.

Credit: Oak Ridge National Laboratory

As attacks on grid substations increase—by 70% in 2022 alone, according to the Department of Energy’s Oak Ridge National Laboratory (ORNL)—engineers there are anticipating new attack vectors and taking measures to protect against hackers using them.

“As researchers, we try to stay ahead of cyber threats, not just react to them after they occur,” said ORNL’s Peter Fuhr, who heads its Grid Communications and Security group. Fuhr’s group recently demonstrated a new method of using a rotating color wheel to encode grid sensor data subliminally into a video feed, and using a novel Fibonacci sequence decoding key that rotates the color wheel so each sensor reading uses a unique color code.

“ORNL has invented a compelling method to protect our critical grid infrastructure that builds upon known encryption technology,” said Sterling Rooke, chief executive officer (CEO) of Brixon Inc. (Baltimore), a company that manufactures electrical power monitoring instruments. “With the right application, there will be a need for this novel implementation—a kind of steganography that conceals critical information within the existing live video feeds from the grid substations themselves.”

The technique, Fuhr says, translates the encrypted character codes utilities use today to a color-code hidden in video feeds from cameras that already monitor substation activity. EPB (formerly the Electric Power Board, Chattanooga, TN) successfully tested the technique for six months using a virtual local area network (VLAN) link between the central-EPB grid control center and its substations. “We proved the concept in the lab at ORNL, then extended the testing to a nearby substation, and eventually installed the color encoding/decoding equipment at both the EPB substation and its central-control computer,” said Fuhr. “It’s the real deal—tested and…
