Explainer: The Three Openings that Hackers Could use to Attack the Smart Gird

In order to have a grid that is capable of handling the electricity needs of the 21st century — a “smart” grid — we need to make sure that security concerns are addressed. Without good cybersecurity, a smart grid will be very difficult to realize.

Cybersecurity focuses on protecting computers, programs, networks, and data from unauthorized access and change. In a computer network, there are many different layers of security to prevent imposters from attacking.

The three main layers presented below will separate and explain the concept of cybersecurity with respect to the smart grid as the sum of its distinct parts.

For an explainer on cybersecurity and the smart grid, read this article.

Denial of service: What is it?

In order to understand cybersecurity, it is important to understand the concept of a denial of service (DoS). A denial of service attack is any attempt by an individual or group to make a machine or network resource unavailable to its intended users.

A distributed denial of service attack (DDoS) is when the attack source consists of more than one, usually thousands and sometimes millions of unique real or virtual computers.

An attack of this kind is analogous to a large group of people crowding and blocking the entry door to a department store. The crowd, which can be thought of as the attacking computers, prevents the customers, who can be thought of as the intended users, from going into the store.

A classic example of a denial of service attack is the one carried out by the hacker codenamed “Mafiaboy.” In 2000, Mafiaboy launched a massive distributed denial of service attack on Yahoo, the number one search engine website at the time. The attack overwhelmed the Yahoo servers and made the website inaccessible to users for an entire day.

Each of the following three layers are vulnerable to DoS or DDoS in their own way.

The physical layer: Not necessarily things that we can touch

This is the layer of wireless radio waves. For that reason, attacks on the “physical” layer are not physical in the normal sense, but physical in that they can be carried out by tampering with the physical properties of wireless waves within a large network. More specifically, an attacker can emit waves at the correct frequency to “jam” a wireless network which would in turn deny the intended users of the network service to it.

In a smart grid, wireless technologies will be widely used and so, it is very likely for jamming of this kind to be attempted in high frequency.

“Something that often goes under the radar in cybersecurity discussions is wireless jamming,” says Montek Singh, a researcher of hardware security at UNC Chapel Hill. “But in a smart grid, everything will be wireless so we need to build better security for this.”

Singh says that it is often the things we most neglect that come back to bite us. He says that if we plan to have a smart grid, we would have to tighten up security on all fronts.

The network layer: How the internet works

The internet is continually sending information from one piece of software to another. For example, the software on your smartphone is continually using your social media username and password to retrieve new updates from your friends. This layer is what holds all the connections needed for the internet to function properly.

Attacks on the network layer are performed by overloading a specific connection with signals from thousands and sometimes millions of computers. When this happens, the receiver is given more signals than it can process and so service is denied to those trying to use the connection as intended.

Most of the communication done in a smart grid will be done using the internet so having a secure network layer will be essential.

“Even as we speak, there are network attacks being carried out,” says Mike Reiter, a researcher of information technology security at UNC Chapel Hill. “It is a big problem and it will likely be even bigger if we have a smart grid someday.”

Reiter believes this layer to be the most vulnerable because of how massive it is.

“There are a countless number of connections on the internet and it is increasing by the thousands everyday” says Reiter. “The connections in something like a smart grid will targeted heavily by hackers.”

The application layer: Where small bugs create big problems

The application layer is the layer of the actual piece of software. Attacks here are made possible by careless software design.

“When people think cybersecurity, this is likely the first thing that they think of,” says Reiter. “Bugs in software that hackers exploit to create large problems.”

Reiter says this is where most the development will take place.

By this he means that improvements in cybersecuirty are likely to come from better software development. The other layers are fairly well established and unlikely to change . The software layer is the second most vulnerable and is constantly changing from software to software.

“In my experience, poor software design has been the main reason behind large computer security issues,” says Reiter. “The smart grid will be using lots of software so this is where most of the development will take place.”