Terror Defense No Al Qaida Terror



Download 2.62 Mb.
Page53/81
Date18.10.2016
Size2.62 Mb.
#2908
1   ...   49   50   51   52   53   54   55   56   ...   81

Grid

No Collapse

Grid collapse is impossible- redundancy, specialized equipment, and deterrence check.


Perera 14 By DAVID PERERA | 9/10/14 U.S. grid safe from large-scale attack, experts say http://www.politico.com/story/2014/09/power-grid-safety-110815.html#ixzz3f99UxEU3 David Perera is a cybersecurity reporter for POLITICO ProTina

But in fact, the half-dozen security experts interviewed for this article agreed it’s virtually impossible for an online-only attack to cause a widespread or prolonged outage of the North American power grid. Even laying the groundwork for such a cyber operation could qualify as an act of war against the U.S. — a line that few nation-state-backed hacker crews would wish to cross. None denied that determined hackers could penetrate the networks of bulk power providers. But there’s a huge gap between that and causing a civilization-ending sustained outage of the grid. Electrical-grid hacking scenarios mostly overlook the engineering expertise necessary to intentionally cause harm to the grid, say experts knowledgeable about the power generators and high voltage transmission entities that constitute the backbone of the grid — what’s called the bulk power system. There’s also the enormity of the grid and diversity of its equipment to consider. “The grid is designed to lose utilities all the time,” said Patrick Miller, founder and director of the Energy Sector Security Consortium. “I’m not trying to trivialize the situation, but you’re not really able to cause this nationwide cascading failure for any extended duration of time,” he added. “It’s just not possible.” ICS security in a nutshell Controlling the boilers, fans, valves and switches and other mechanical devices that turn raw inputs and high-voltage transmission into flip-of-a-switch electricity is a class of computers known as industrial control systems. Supervisory Control and Data Acquisition Systems, or SCADA, is a type of ICS. ICSs aren’t general purpose computers like desktops. At the level of direct control over electromechanical processes — via a device often classified as a Programmable Logic Controller — programming is mainly done in specialized languages on obscure operating systems. Even just accessing a PLC requires particular software. Hiding malware in field devices is difficult to impossible. Many of the devices “aren’t running multi-thread, multi-tasking operations like our laptops,” noted Chris Blask, chair of the Industrial Control System Information Sharing and Analysis Center. And penetration is just a starting point. “Just hacking into the system, and even taking complete control of a computer or crashing a bunch of computers, won’t necessarily bring down the bulk electric system,” said Dale Peterson, founder of Digital Bond, an industrial control system cybersecurity consultancy. For example, hackers could cause a SCADA system to crash, causing grid operators to lose system visibility — decidedly not a good thing. But the grid doesn’t need the SCADA system to continue operating. “There has to be an understanding that simply taking out the cyber assets doesn’t cause a blackout,” Peterson said.

Grids stable – existing safeguards check and are easily transferred to the smart grid


Billings 14 (Robert Billings, Jr., has worked in the field of electrical construction for more than 25 years, and is experienced as a journeyman electrician, electrical estimator, electrical project manager, foreman and contractor in residential, commercial and industrial installations. "ecurity Implications of the Electric Smart Grid," Sept.4, 2014. www.securitymagazine.com/articles/85785-security-implications-of-the-electric-smart-grid?page=1) jsk

As the nation transitions to the smart grid, the electrical power industry will likely find the most efficient security solutions to be those that supplement already existing standards, controls, and best practices. Following are different categories of technologies that can be modified to better mitigate the risks associated with the smart grid: (NIST, 2010a):

1) Power System Configurations and Engineering Strategies



Today’s power system has carefully planned and thoroughly evaluated responses to n-1 contingencies, such as the loss of a generator or transmission component, so that the power grid remains resilient and continues to operate when the function of a physical component has been compromised (ESCSWG, 2011). The existing power grid has extensive component, system, and network redundancies. Redundant power system equipment (e.g., power supplies, generators, transmission lines, transformers, and switching devices) exist for power system generation, control, and communication. There are redundant communication networks, including fiber optic networks and power line carriers between substations, as well as communication head-ends – control devices required by some networks to provide certain centralized functions, such as remodulation, retiming, message accountability, contention control, diagnostic control, and access to a gateway (NIST, 2010a). There also are redundant automation systems (e.g., additional substation protective relays) and redundant power system configurations (e.g., networked grids and multiple feeds to customer sites from different substations).

As the electrical power delivery system evolves, similar response processes and supporting advanced technologies must be in place so that the power infrastructure remains resilient and continues to operate when IT components have been compromised (ESCSWG, 2011). Each critical component must have a redundant counterpart. Additionally, if a component fails, it should fail in a manner that does not generate unnecessary network traffic or cause another problem elsewhere, such as a cascading failure (NIST, 2011). Redundant information sources (e.g., redundant sensors and voltage measurements from different substation equipment or from different substations), must be fully automated for true smart grid interconnectivity. Many of our current grid system pathways have been closely paralleled with additional lines to provide additional capacity; however, these are not true alternate pathways. Obstacles pertaining to property law have been encountered, and must be resolved, to develop the multiple pathways necessary for the smart grid.

2) Power System Analysis and Control

The existing power system operates with an EMS-enabled transmission grid, which can provide real-time information on the grid’s status and allow various grid functions to be automated remotely. Power flow models of the transmission system, generators, and loads can simulate real-time or future power system scenarios; redundant measurements from the field are used to estimate real measurements from missing or inaccurate sensor data; and contingency analysis capabilities use electrical sign wave analyses to assess the power flow models for single points of failure (n-1), as well as any linked types of failures, and can flag possible problems (NIST, 2010a).

Existing distribution management systems can simulate real-time and possible future power system scenarios, as well as three-phase unbalanced distribution power flow analysis, contingency analysis, switch order management, short-circuit analysis, volt/ampere reactive (VAR)/watt optimization, and loss analysis (NIST, 2010a). These systems, however, do not yet have smart grid automation technology that provides real-time information about the distribution network or allows switches in the grid to be controlled remotely (General Electric Company, 2013, An Energy Internet).

To achieve real-time situational awareness and establish appropriate responses in the smart grid, advanced technologies are needed that identify, acquire, correlate, analyze, and display IT and physical security-related data from all levels of the power system architecture (device, system, and network) and across all domains. These capabilities can lead to techniques that show the impact of IT and communication failures on electricity delivery, the potential effects of electricity disruptions on digital communications, and how a simultaneous combination of failures in each of the systems might impact the smart grid as a whole (ESCSWG, 2011).

3) Monitoring and Control

Current SCADA systems continuously monitor generators, substations, and feeder equipment, can perform remote control actions in response to operator or software application commands, and operate with approximately 99.99% availability. Other control systems, such as Under-Frequency Load Shedding (UFLS) and Under-Voltage Load Shedding (UVLS), are common industry practices to maintain power system availability. UFLS and UVLS commands can drop large loads rapidly in case of emergencies, and are used to protect systems from prolonged low frequency or low voltage operations (North American Electric Reliability Corporation/NERC, 2010, Reliability Considerations from the Integration of Smart Grid).

Stronger network security technologies are needed that can implement rules to enforce the behavior of power delivery system traffic, examine the details of system packets at the application level, and/or offer proxy services for these protocols, in order to protect sensitive communications between devices across all domains and at all levels of the electrical power system (ESCSWG, 2011). Encryption and cryptographic hashes also must be used, but more efficient algorithms are needed to address the challenge of securely exchanging tens of millions of keys used to protect data transmitted between millions of remote field devices, substations, and smart meters, using devices that have limited computational power (ESCSWG, 2011). In addition, stronger access controls, including those for remote field devices, are necessary to prevent unauthorized users from accessing and controlling equipment in the power delivery environment. A viable approach could use role-based access control, configuring each role on the principle of least privilege.

4) Testing

Testing is extremely important for human safety as well as for the safety and reliability of the equipment. The power industry routinely conducts lab and field tests of all power system equipment to minimize failure rates. It also conducts relay coordination testing and network testing for near power system faults, as well as rollback capabilities for database updates.

As changes are made to the power grid, security patches must be tested under field conditions and deployed as quickly as possible to prevent and detect the introduction and propagation of malware. Security tools, procedures, and patches for fixing known security flaws and retrofitting security technologies must be introduced in such a way that they do not diminish power system performance. Hardening legacy systems will require the implementation of a patch management program to mitigate the risk of known vulnerabilities (ESCSWG, 2011), and hot patching techniques that do not impact reliability must be deployed throughout the smart grid.

The size and complexity of the smart grid make security a cross-cutting challenge. Increased reliance on IT introduces greater threats and additional vulnerabilities that could lead to a degradation of power system reliability and safety. Existing standards, controls, and best practices within the electrical power industry form a convenient framework upon which security enhancements and improvements can be based.


No Impact

No impact- there are attacks all the time.


Molski 15 How safe is our power grid? March 24, 2015 Henry Molski a graduate from High Point University with a B.A. in Communication with a concentration in journalism and a minor in global commerce http://www.cincinnati.com/story/news/2015/03/24/safe-power-grid/70403152/Tina

Once every four days in the United States, a physical or cyber-attack on the nation's electrical grid causes an electrical emergency or disturbance – highlighting the growing threat of a constant siege on the country's energy sources. Since 2011 there have been more than 350 such incidents reported to the U.S. Department of Energy. Even though most are short-lived incidents, they are indicative of serious security vulnerabilities that analysts and officials fear could be exploited by bad actors to create a cascading blackout that could leave millions of people without power for days. Problems range from lack of security cameras and opaque fencing around transformers and other important equipment and facilities to inadequate cyber-security measures within the computer networks used to control the grid. Southwest Ohio is no exception. Area energy providers and utility regulators say they have taken action to make sure any such attacks remain minor issues. Over the past four years, Southwest Ohio has dealt with six physical attacks on the electrical grid. In data compiled by USA TODAY, 362 incidents were reported between January 2011 and December 2014 to the U.S. Department of Energy; in Southwest Ohio, Duke Energy reported five of these incidents.

Project Aurora proves a successful attack needs a specific set of ideal conditions


Perera 14 (David Perera is a cybersecurity reporter for POLITICO Pro. "U.S. grid safe from large-scale attack, experts say," 9/10/14. www.politico.com/story/2014/09/power-grid-safety-110815.html) jsk

What Project Aurora proved



Exhibit A in the cyber-Cassandra’s arsenal is Project Aurora, a Homeland Security Department test undertaken in 2007 at the Idaho National Laboratory. The object was to hack a working, 2.25-megawatt, grid-connected diesel power generator. Seeing on CNN the resulting grainy video of smoke pouring from the jolting 27-ton machine was the moment that convinced many their worst fears could come true.

Seven years later, however, Project Aurora’s status as a thunderclap of warning has been undermined by questions about the test and its real-life applicability.

That was a contrived test in a contrived environment,” said Miller, also a former Western Electricity Coordinating Council manager of audits and investigation.

The Aurora attack consisted of rapidly opening and closing circuit breakers, knocking the generator out of phase with the grid — a state that engineers have long known causes physical damage through accumulation of excessive torque inside the generator’s spinning parts.

Even at the time, the odds of an Aurora attack occurring in the wild were very low, said David Whitehead, vice president of research and development at Schweitzer Engineering Laboratories, a power relay manufacturer. Whitehead participated in a mitigation working group formed after the test.

There were a lot of ideal conditions that had to be in place before the actual rapid cycling and opening of a circuit breaker could occur,” he said. “For it to work, all the stars have to line up.” An Aurora attack is possible, he allowed — but “the probability of it happening in my lifetime is pretty small.”

Of course, it’s perfectly possible that other cyber-physical attacks await discovery. “I think it would be naive to think that there are no more,” said Perry Pederson, a former DHS Control Systems Security Program director who oversaw the test. But even the possible existence of additional vulnerabilities doesn’t necessarily mean the grid is highly vulnerable.

“I tend to think the grid is a little more robust than what we give it credit for. It’s not quite so fragile,” he added.


No attacks – terrorists lack capability and rational state actors


Perera 14 (David Perera is a cybersecurity reporter for POLITICO Pro. "U.S. grid safe from large-scale attack, experts say," 9/10/14. www.politico.com/story/2014/09/power-grid-safety-110815.html) jsk

Is the grid rigged?



Undergirding the widespread perception of a power system fragile to hackers’ touch is a belief that foreign states have already penetrated the grid system and left behind malware ready for activation at any time.

It’s a statement that pushes the envelope of technical and geopolitical realities — although it’s not impossible. “I think the U.S. is doing it, I assume Russia is doing it, I assume China is doing it,” said Peterson, also a former National Security Agency official, although not here claiming any direct knowledge.

No such implanted code has been discovered, he acknowledged — at least, “not that I’m aware of, and it might not exist.”

Planting power-grid malware, as opposed to hacking for purposes of reconnaissance, also “comes too close, and may even cross, a threshold that no one has been willing to cross,” asserted cybersecurity strategic thinker Jim Lewis.

The electric grid will be a target for cyberattack during a future conflict, he said in a 2010 paper — but governments also have international norms of behavior to consider, and planting malware in a foreign nation’s grid could be considered an act of war.



Terror groups aren’t bound by international norms nor necessarily deterred by U.S. military might. But absence of an attack against the grid to date suggests to many that they lack the ability to launch one.

Squo Solves

Squo solves- regulation and government cooperation


Hobson and Cramer 14 The Hill Keeping the electric grid safe from attack - OCTOBER 8, 2014 http://thehill.com/special-reports/cybersecurity-october-8-2014/220088-keeping-the-electric-grid-safe-from-attack By former Reps. Dave Hobson (R-Ohio) and Bud Cramer (D-Ala.) Tina

The electric grid is a complex system of power plants, substations, and transmission and distribution lines. Protecting it is no easy task, requiring constant vigilance from industry as well as government. A sustained, interactive partnership between the federal government and the electric utility sector now exists to protect the grid. That partnership has worked well, but it can be strengthened, both through new legislation and more clearly defining roles and responsibilities. One area where the partnership has demonstrated effectiveness is in reliability. Since 2005, the electric utility industry has operated under a mandatory federal reliability regime — the only critical infrastructure sector to do so. The industry works with the North American Electric Reliability Corp. (NERC), a nonprofit entity chosen by the Federal Energy Regulatory Commission (FERC) to help send electrons where they need to go. NERC develops mandatory reliability standards, which must be approved by FERC before being implemented. NERC enforces those standards through regular monitoring and compliance audits, and fines can reach up to $1 million per day. But fines after the fact are not enough. The government and utility industry must keep several steps ahead of attackers. Entities such as the Electricity Sub-Sector Coordinating Council, composed of senior industry and government security officials, and the Electricity Sector Information Sharing and Analysis Center, help facilitate information sharing about threats and how to respond. But when it comes to cyber threats to the grid, more can be done to enhance information flow between industry and federal agencies — in both directions — about vulnerabilities and attacks.


Grids are resilient – complex infrastructure makes devastating hacks impossible


Perera 14 (David Perera is a cybersecurity reporter for POLITICO Pro. "U.S. grid safe from large-scale attack, experts say," 9/10/14. www.politico.com/story/2014/09/power-grid-safety-110815.html) jsk

The specter of a large-scale, destructive attack on the U.S. power grid is at the center of much strategic thinking about cybersecurity. For years, Americans have been warned by a bevy of would-be Cassandras in Congress, the administration and the press that hackers are poised to shut it down.

But in fact, the half-dozen security experts interviewed for this article agreed it’s virtually impossible for an online-only attack to cause a widespread or prolonged outage of the North American power grid. Even laying the groundwork for such a cyberoperation could qualify as an act of war against the U.S. — a line that few nation-state-backed hacker crews would wish to cross.

None denied that determined hackers could penetrate the networks of bulk power providers. But there’s a huge gap between that and causing a civilization-ending sustained outage of the grid.

Electrical-grid hacking scenarios mostly overlook the engineering expertise necessary to intentionally cause harm to the grid, say experts knowledgeable about the power generators and high voltage transmission entities that constitute the backbone of the grid — what’s called the bulk power system.

There’s also the enormity of the grid and diversity of its equipment to consider. “The grid is designed to lose utilities all the time,” said Patrick Miller, founder and director of the Energy Sector Security Consortium. “I’m not trying to trivialize the situation, but you’re not really able to cause this nationwide cascading failure for any extended duration of time,” he added.

“It’s just not possible.”

ICS security in a nutshell

Controlling the boilers, fans, valves and switches and other mechanical devices that turn raw inputs and high-voltage transmission into flip-of-a-switch electricity is a class of computers known as industrial control systems. Supervisory Control and Data Acquisition Systems, or SCADA, is a type of ICS.

ICSs aren’t general purpose computers like desktops. At the level of direct control over electromechanical processes — via a device often classified as a Programmable Logic Controller — programming is mainly done in specialized languages on obscure operating systems. Even just accessing a PLC requires particular software. Hiding malware in field devices is difficult to impossible. Many of the devices “aren’t running multi-thread, multi-tasking operations like our laptops,” noted Chris Blask, chair of the Industrial Control System Information Sharing and Analysis Center.

And penetration is just a starting point. “Just hacking into the system, and even taking complete control of a computer or crashing a bunch of computers, won’t necessarily bring down the bulk electric system,” said Dale Peterson, founder of Digital Bond, an industrial control system cybersecurity consultancy.

For example, hackers could cause a SCADA system to crash, causing grid operators to lose system visibility — decidedly not a good thing. But the grid doesn’t need the SCADA system to continue operating. “There has to be an understanding that simply taking out the cyber assets doesn’t cause a blackout,” Peterson said.




Download 2.62 Mb.

Share with your friends:
1   ...   49   50   51   52   53   54   55   56   ...   81




The database is protected by copyright ©ininet.org 2024
send message

    Main page