Hackers Can Cut the Lights With Rogue Code, Researchers Show (bloomberg.com) 27
Safety device used for electrical distribution worldwide could be hacked to turn off power, according to cybersecurity experts. From a report: As Ang Cui added more juice to the power grid, overhead electric lines began to glow bright orange. Then, within seconds, the power lines evaporated in a flash of smoke, leaving an entire section of Manhattan in the dark. No actual buildings or people lost power because, luckily, this was just a simulation -- a tabletop diorama of Manhattan complete with tiny copper power lines and the Statue of Liberty relocated to a pared-down Central Park. Cui's colleagues at Red Balloon Security had unleashed a few lines of malicious code that knocked out a computer designed to protect electrical lines. The real-world consequences were unmistakable: hackers could shut off power in parts of the city, an industrial plant or sports stadium by targeting the very systems designed to protect it. "Whew -- need to open a window," said Cui, Red Balloon's chief executive officer and founder, wafting his hands in an effort to clear the smoke swirling around his fourth-floor office. The charred remains of plastic poles were all that was left of the diorama's power lines.
Safety devices like the one Cui's team examined are key to the operation and stability of the modern electric grid. Known as protection relays, they cut the power when faults, or abnormal currents, threaten to damage equipment or harm people. Researchers at Red Balloon discovered vulnerabilities on a relay made by the French firm Schneider Electric SE, called the Easergy P5. The company on Tuesday published a software fix for the device, which is not yet for sale in the U.S. A Schneider Electric spokesman said the firm is "extremely vigilant of cyber threats and continually assesses and evolves our products and R&D practices to better protect our offers, and our customers' operations against them." "Upon learning of the vulnerabilities with the Schneider Electric Easergy P5 protection relay, we worked immediately to resolve them," according to the spokesman. "We urge users of the product to follow the guidance we will provide in the Jan. 11 security notification -- which includes a software patch that will address the immediate risk -- as part of our disclosure process. Users should implement general cybersecurity best practices across their operation to protect their systems."
Safety devices like the one Cui's team examined are key to the operation and stability of the modern electric grid. Known as protection relays, they cut the power when faults, or abnormal currents, threaten to damage equipment or harm people. Researchers at Red Balloon discovered vulnerabilities on a relay made by the French firm Schneider Electric SE, called the Easergy P5. The company on Tuesday published a software fix for the device, which is not yet for sale in the U.S. A Schneider Electric spokesman said the firm is "extremely vigilant of cyber threats and continually assesses and evolves our products and R&D practices to better protect our offers, and our customers' operations against them." "Upon learning of the vulnerabilities with the Schneider Electric Easergy P5 protection relay, we worked immediately to resolve them," according to the spokesman. "We urge users of the product to follow the guidance we will provide in the Jan. 11 security notification -- which includes a software patch that will address the immediate risk -- as part of our disclosure process. Users should implement general cybersecurity best practices across their operation to protect their systems."
they still have fuses that will blow at overload? (Score:2)
they still have fuses that will blow at overload? even if some software switch locks on?
Re: (Score:3)
Re: (Score:2)
miles of fuse hung from poles
Exactly. Power-lines can also just be heated up and thereby elongated enough that they touch trees or other things. Same effect.
A power-grid is _very_ vulnerable to attackers with the right knowledge. The attacks we have seen so far were done by incompetents (regarding the power-part) or people that did not actually want to kill the grid. For example, the attack in Ukraine had them flashing invalid firmware into Ethernet-to-serial converters, probably with a tool they found on the hacked computers. That mad
Re: (Score:2)
They will have a variety of safety devices. Regular (although extremely high current) fuses, resettable fuses, software controlled fuses.
I Work in Electric Utility OT. (Score:2)
Fortunately all of our protective relays are SEL or Cooper, and most of the utilities we work with are using SEL...
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Not all of them are. Some SEL equipment uses leased lines and one place tried to get this on a network instead but could not get the necessary performance at a cheaper cost. But a network is necessary so that you don't have huge costs and delays by sending trucks out just to flip a switch. Note that this is not necessarily the public internet, but a private IP based network, or with an IPSEC tunnel heading from the field to the back office, etc. If you want to stop blackouts from spreading, then the equip
Re: I Work in Electric Utility OT. (Score:2)
Shame VPN gateways are mostly insecure trash, with FIPS just meaning it has extra NSA backdoor.
re: VPNs (Score:2)
You know though? It really wasn't THAT long ago, everyone I knew in cybersecurity was praising the IPSEC VPN tunnel as pretty much the ultimate Internet security solution. Sure, that Microsoft RDP stuff was always trash ... but set up a good IPSEC solution and you're golden, they said.
Now, all VPNs are pretty much trash....
I don't specialize in the security part of I.T. myself, but this is kind of why. Over the years, I see solution after solution, and device after device lauded as great and effective. And
Re: re: VPNs (Score:2)
VPNs are still a necessary solution, but most have them have a poor security record.
Between the illusion of control of C programmers and NSA&co being more concerned with preserving their own sets of known exploits and backdoors rather than securing critical infrastructure like VPNs we all got fucked.
Re: (Score:2)
Why is anything that touches these things connected in any way to the fscking internet?
Because people are cheap, greedy and stupid. Yes, I was involved in a project looking at how grid control-signalling is secured and what the risks there are a few years back. Not in the US.
Re: (Score:2)
And have you had anyone pen-test those? Schneider actually go to quite a bit of effort to get their security right, if you look at the first vuln it's because it was set up with hardcoded credentials rather than any coding error, the second one was a coding error but that's deep inside a low-level protocol rather than remote 0day level. Only one coding error found in something as complex as an IED is quite impressive.
Disclaimer: I don't work for them, but I've dealt with them and other vendors in the pas
The one in the hall by the front door ? (Score:1)
Cyber command is very unhappy (Score:2)
One of their tricks has been revealed
As to which cyber command... I leave that to your imagination
If they can control the relays what else? (Score:2)
By the time they have penetrated deeply enough to affect those relays I imagine they can fuck up a whole lot more.
Re: (Score:2)
Well, it's always been vulnerable. Those relays also tend to be used for target practice. For some utilities they really do not want blinking LEDs up on the power poles for that reason. Within the last decade that was a major outage locally caused by someone driving a few miles out of town and breaking into a substation. You don't need the internet to cause disruption.
Re: If they can control the relays what else? (Score:2)
It has less risk of getting caught, can allow wider spread disruption and is very easy to false flag. Just find some exploitable system at a plausible department of your least favourite nation (US, Russia, China, Iran or NK) and make that look like the originating system of the hack.
obligatory (Score:2)
Re: (Score:2)
Replace voting machine with power grid: there's an xkcd for everything. Link [xkcd.com]
That one is nice. I once had to explain to some banking IT people that putting a link into a completely isolated network used for some high-security stuff in order to get AV updates in there was a really bad idea. They did it anyways. We moved our company banking account someplace else after that.
Flashy blinky toys (Score:2)
Schneider's vulnerability notification (Score:2)
The security notification [schneider-electric.com]
The device(s) has a buffer overflow vulnerability - been a while since one of these came up - and uses a hardcoded ssh key. The buffer overflow affects two other Easergy relays. And here is the Schneider security notifications page [se.com]. They sure have a lot of them.
As an aside, is it just the time of day/night or has the quality of comments on /. really sunk this low? Genuinely? Just bloviated, callow opinions and old jokes? I did like the one about the hall light, though.
Stupid F*cks get what they Deserve (Score:1)
Safety Systems should not be connected to either the control network or the Internet (nor any other network). Stupid Dumb F*cks that do stupid f*cking things will suffer the consequences of their own stupidity.
Probably naive question... (Score:2)
...are there really no hardware-based safeties that would prevent the wires from melting down? It seems to me that the issue is less about turning off the power than it is about causing widespread damage. A safety mechanism that can be quickly reset or replaced seems like much less problematic than public utility wires melting, which could take much longer to replace.
Re: (Score:2)