Tag Archive for SCADA

Quantum Encryption for Grid Security

Vulnerabilities in the national grids and the potential for wide-scale outages have raised concerns over the past few years as high-profile companies have gone public with highly sophisticated hacking attempts. MIT’s Technology Review reported on GridCOM Technologies, a startup that recently secured seed funding from Ellis Energy Investment and says quantum cryptography can make electricity grid control systems secure.

Dr. Duncan Earl, the chief technology officer of GridCOM Technologies, told TR he plans to use the start-up money to build a prototype quantum encryption system designed specifically for the electricity grid. The company’s hope is to demonstrate a working system next year near its home base in San Diego. Utilities would pay about $50 a month for access to a software service and hardware that encrypt critical communications in an area.

With GridCOM Technologies, Dr. Earl is trying to make critical infrastructure more secure by encrypting data sent to grid control systems. The article explains that traditional encryption techniques can’t work at the low latency speeds, measured in milliseconds, required for SCADA systems, which leaves them vulnerable to attack. CTO Earl is an expert in optical technologies who worked for the Cyberspace Sciences and Information Intelligence Research group at Oak Ridge National Laboratory and helped spin out an optical lighting company in 2006.

GridCOM Technology’s system works by generating two photons using a laser and storing them in optical fiber cables. These twin photons have opposite polarizations, either a wave oscillating up and down or one oscillating left and right, Dr. Duncan explained to the author, Martin LaMonica. According to quantum mechanics, measuring one of these photons changes the state of the other, and the photons are no longer “entangled.” This phenomenon allows a communications system to detect if a message has been intercepted.

According to the article, the firm’s service would create an encryption key based on the arrangement of the photon pair. A hardware receiver posts that information on the Internet and the company’s hosted software will poll those devices. A subscriber to the service will be able to validate that communications haven’t been tampered with and to encrypt messages, Mr. Duncan says. “You’ve got physics that is ultimately securing the device, not mathematics. Mathematical complexity has been a great tool for encryption but it’s not future proof,” he told TR.

GridCOM’s Duncan says a key advantage of the system is that it works quickly, a necessity for SCADA systems. “You’ve eliminated the possibility of somebody eavesdropping to hack the key. There’s no data latency and you’ve leveraged a random bit stream … That’s really all the grid needs.”

One of the main limitations is that the cryptography is only point-to-point over a fiber cable and can’t work across switching equipment over the Internet. In GridCOM Technology’s case, the system is limited to 20 kilometers in distance. GridCOM’s CTO envisions that utilities will put a series of hardware receivers in secured buildings to encrypt communications for a whole region.

There are already a number of efforts to build commercial quantum encryption systems. GigaOm reported on the success that the scientists at Los Alamos have had running a quantum network for over two years, and on ID Quantique in Switzerland.

TR concludes that quantum encryption offers one promising route to securing the grid, but it shouldn’t be seen as a silver bullet. If it works, it would address one very specific application, but securing something as complex as the power grid requires a full suite of options and, above all, good security practices.

Smart Grid Today provides (PDF) some background. Quantum physics was first described in a 1935 paper that included Albert Einstein as an author. Erwin Schrödinger coined the quantum term “entanglement” and that was the basis for his famous thought experiment of a cat that exists simultaneously in a state of being alive and dead.

It took over 60 years for CERN to prove quantum entanglement, utterly confounding Einstein’s theory of relativity because now information can be transmitted not at or below the speed of light, but literally instantaneously.

 

McAfee Labs 2012 Threat Predictions

Computer security company McAfee unveiled its Threat Predictions report (PDF), outlining the top cybersecurity threats organizations and individuals are likely to face in 2012. McAfee, a wholly owned subsidiary of Intel (INTC), says that for the most part 2012 will look like 2011, only worse, with many of the recent threats gaining momentum. Here are the predictions:

Industrial Attacks: Cybercriminals will target water, electricity, oil and gas utilities. These are essential services to everyday lives, yet many industrial systems are not ready for cyberattacks, according to McAfee. Many of the environments where SCADA (supervisory control and data acquisition) systems are deployed don’t have stringent security practices. McAfee predicts attackers will leverage this lack of preparedness with greater frequency, if only for blackmail or extortion, in 2012.

Legalized Spam: McAfee Labs says global spam volumes have declined in the past two years. However, legitimate advertisers are picking up where the spammers left off, using the same spamming techniques, such as purchasing third-party email lists or databases from companies going out of business. McAfee Labs expects this “legal” spam and the technique known as “snowshoe spamming” to continue to grow at a faster rate than illegal phishing and confidence scams.

Mobile Threats: 2011 has seen the largest levels in mobile malware history, and McAfee Labs expects that to continue in 2012. They expect mobile attackers to improve their skill set and move toward mobile banking attacks. Techniques previously dedicated to online banking, such as stealing from victims while they are still logged on while making it seem that transactions are coming from the legitimate user, will now target mobile banking users. McAfee Labs expects attackers will bypass PCs and go straight after mobile banking apps, as more and more users handle their finances on mobile devices.

Embedded Hardware: Embedded systems are designed for a specific control function within a larger system, and are commonly used in automotive, medical devices, GPS devices, routers, digital cameras and printers. McAfee Labs expects proof-of-concept code exploiting embedded systems to become more effective in 2012 and beyond. This will require malware that attacks at the hardware layer, and will enable attacks to gain greater control and maintain long-term access to the system and its data. Sophisticated hackers will then have complete control over hardware.

Cyberwar: Countries are vulnerable due to massive dependence on computer systems and a cyberdefense that primarily defends only government and military networks. Many countries realize the crippling potential of cyberattacks against critical infrastructure, such as water, gas and power, and how difficult it is to defend against them. McAfee Labs expects to see countries prove their cyberwar capabilities in 2012, to send a message.

Rogue Certificates: Organizations and individuals tend to trust digitally signed certificates; however, recent threats such as Stuxnet and Duqu used rogue certificates to evade detection. McAfee Labs expects to see the production and circulation of rogue certificates increase in 2012. Wide-scale targeting of certificate authorities and the broader use of fraudulent digital certificates will affect key infrastructure, secure browsing and transactions as well as host-based technologies such as whitelisting and application control.

Legislative Issues: DNSSEC (Domain Name System Security Extensions) is meant to protect a client computer from inadvertently communicating with a host as a result of a man-in-the-middle attack. Governing bodies around the globe are taking greater interest in establishing “rules of the road” for Internet traffic, and McAfee Labs expects to see more and more instances where future solutions are hampered by legislative issues.

Hacktivism: McAfee Labs predicts that in 2012 digital disruptions like Anonymous will join forces with physical demonstrators and will target public figures such as politicians, industry leaders, judges and law-enforcement, more than ever before.

Virtual Currency: McAfee Labs expects cybercurrency will be an attractive target for cybercriminals, and expects to see threats evolve to steal money from unsuspecting victims or to spread malware.

Hardware Attacks: McAfee Labs expects to see more effort put into hardware and firmware exploits, and their related real-world attacks, through 2012, with the aim of creating persistent malware in network cards, hard drives and even the system BIOS (Basic Input Output System).


Internet of Things

Once upon a time, “using the Internet” always meant using a computer. Today getting on the intertubes is an expected feature for many devices. The next digital frontier is the physical world, where the “Internet of Things” will bring online ability to objects.

Twine Sensor Connects Household Objects to the Internet

Tested.com notes a Kickstarter project from two MIT Media Lab alums who developed a way to make the Internet of Things more available. A small, durable “Twine” sensor listens to its environment and reports back over Wi-Fi. The creators hope their new product will let regular users, even those without programming knowledge, digitally manage their surroundings.

A basic Twine unit senses temperature and motion, but other options like moisture detection, a magnetic switch, and more can be added using a breakout board. The various sensors and built-in Wi-Fi can be powered by either a mini-USB connection or two AAA batteries, which will keep it running for months. Twine readings get wirelessly loaded into the appropriately named Spool web app, where users can set simple if-then triggers that create SMS messages, tweets, emails, or specially configured HTTP requests.

A donation of $99 or more will get you a basic unit when they ship in March.

THE SMART FRRRIDGE. Chilly Forecast for Internet Frrridge

The Smart Frrridge is a new version of the familiar kitchen apparatus. According to Medienturn, the new fridge comes with a built-in computer that can be connected to the internet. It is one of a growing class known as “internet appliances” that include not only smart phones, but also web-enabled versions of typical household appliances.

The refrigerator keeps an eye on the food in it by using RFID technology, a digital camera and image processing. These technologies allow the fridge to keep track of what’s in it, how long it has been there, and whether it should be trashed.

To keep in contact with the Smart Frrridge, all you have to do is pick up your mobile phone and call. It will be able to suggest a menu that uses the foods inside, generate a shopping list of the missing ingredients, and place the order online.

The Smart Frrridge can also be used to watch television, listen to music, or take a photograph and save it to an album, post it to a website, or send it to an email recipient. It comes with a docking station, so you can just dock your Apple (AAPL) iPod or iPhone and start using all your favorite cooking apps.

SCADA: How Big a Threat?

There are reports of two recent cyber attacks on critical infrastructure in the US. Threatpost says the hacker who compromised the water infrastructure for South Houston, TX, said the district used a three-letter password, making it easy to break in.

There are also reports that a cyber attack destroyed a water pump belonging to a Springfield, IL water utility. There are mixed reports that an attacker gained unauthorized access to that company’s industrial control system.

According to DailyWireless, Supervisory Control And Data Acquisition (SCADA) software monitors and controls various industrial processes, some of which are considered critical infrastructure.

Researchers have warned about attacks on critical infrastructure for some time, but warnings became reality after a highly complicated computer worm, Stuxnet, attacked and destroyed centrifuges at a uranium enrichment facility in Iran.

German cybersecurity expert Ralph Langner found Stuxnet, the most advanced worm he had ever seen. The cybersecurity expert warns that U.S. utility companies are not ready to deal with the threat.

In a TED Talk Langner stated that, “The leading force behind Stuxnet is the cyber superpower – there is only one; and that’s the United States.”

In a recent speech at the Brookings Institution, he also made the bigger point that having developed Stuxnet as a computer weapon, the United States has in effect introduced it into the world’s cyber-arsenal.

New NIST Report Sheds Some Light On Security Of The Smart Grid

DarkReading reports the National Institute of Standards and Technology (NIST) released a report (PDF) by the Cyber Security Coordination Task Group. The report from the Task Group, which heads up the security strategy and architecture for the nation’s smart power grid, includes risk assessment, security priorities, as well as privacy issues.

The smart grid makes the electrical power grid a two-way flow of data and electricity, which allows consumers to remotely monitor their power usage in real-time to help conserve energy and save money. DarkReading says researchers have raised red flags about the security of the smart grid. Some have already poked holes in the grid, including IOActive researcher Mike Davis, who found multiple vulnerabilities in smart meters, including devices that neither use encryption nor authenticate users when updating software. He was able to execute buffer overflow attacks and unleash rootkits on smart meters.

Tony Flick, a smart grid expert with FYRM Associates, talked (PDF) at Black Hat USA about his worries over utilities “self-policing” their implementations of the security framework. “This is history repeating itself,” Mr. Flick said in an interview with DarkReading.

According to DarkReading, the report recommends smart grid vendors carry out some pretty basic security practices:

  • Audit personally identifiable information (PII) data access and changes;
  • Specify the purpose for collecting, using, retaining, and sharing PII;
  • Collect only PII data that’s needed;
  • Anonymize PII data where possible and keep it only as long as necessary;
  • Advanced Metering Infrastructure (AMI) must set up protections against denial-of-service (DoS) attacks;
  • Network perimeter devices should filter certain types of packets to protect devices on an organization’s internal network from being directly affected by denial-of-service attacks;
  • The AMI system should use redundancy or excess capacity to reduce the impact of a DoS;
  • AMI components accessible to the public must be in separate subnetworks with separate physical network interfaces;
  • The AMI system shall deny network traffic by default and allow network traffic by exception;
  • Consumers’ access to smart grid meters should be limited. Authorization and access levels need to be carefully considered.