Friday, April 10, 2009

How insecure is our electrical grid?

When The Wall Street Journal reported this week that Chinese, Russian, and myriad other groups of foreign nationals had been able to penetrate the electrical infrastructure of the United States and leave behind chunks of software code that might allow them to disrupt or destroy the grid remotely, there was a certain amount of panic generated as mainstream media picked up the story and flogged it for all it was worth.

Conversely, security professionals barely acknowledged the news reports, as this is hardly a recent development. Hardening an admittedly-brittle utility infrastructure and closing the known issues that exist in SCADA have long been on the radar of info security teams worldwide.

Given how much work has been performed in the last several years, the Journal report should serve not only as a warning as to the omnipresent threats that exist, but also as a wake-up to everyone involved and a call to action in support of proactive assessment and remediation. Imagine how insecure this infrastructure was five years ago, before anyone starting paying attention to it.

As technology began to permeate the broad segment of the economy known generically as utilities (gas, electric, water, telecommunications, transportation, etc.), the ability to monitor and manage the infrastructure remotely came as a huge benefit to the companies involved, allowing for several models to develop, including centralization, decentralization, and a hybrid of the two.

Further, technicians gained the ability to interact and make changes regardless of their geographic location, as long as they had Internet access and were (allegedly) credentialed to manage the infrastructure remotely.

The downside to such a distributed infrastructure is the explosion in the size of your perimeter and the number of access points that need to be identified and controlled. If there are doors for authorized personnel to gain access, those same ingress lines are available for the bad guys, not to mention any points of entry created by flaws, vulnerabilities, or poor system design.

Since a great number of these control mechanisms are routed via public networks, they are inherently vulnerable to attack and compromise. The alternative is separate data and communication networks for critical infrastructure, highly-secured and access-controlled. The problem with that is two-fold: it has to be built and maintained, and it has to be funded, no easy task for companies looking to make a profit or stay afloat.

The ability to take advantage of the economy of scale has long been used by utilities for cost-saving purposes. It's certainly much cheaper to buy and implement Cisco routers, switches, and networking gear, and there's a much deep pool of engineers and technicians to deploy and maintain Cisco products than, say, a proprietary hardware inventory built specifically for one purpose or utility.

The other side of that same coin is that evil-doers also know the ins-and-outs of Cisco hardware and OS offerings, so advantage evil-doers. The goal is to stay a step or two ahead of the threats. When the cost of failure is the crippling of our electrical grid or telco infrastructure, the stakes are raised exponentially, as everything else within the United States relies on that infrastructure remaining highly available.

It's a constant balancing act between efficiency and security. It's easy to make things more accessible and user-friendly, and to use public IP networks to tie it all together. But that typically works against the concept of high security. Just ask Microsoft.

Until some sort of security standards for so called "smart grids" are determined and the pendulum swings back toward the security side, we'll continue to have valid concerns about the vulnerability of our core infrastructure.

Let's hope we're able to move quickly in this area. Otherwise, a cold, dark future awaits us all.

Electrical Grid in U.S. Penetrated by Spies

No comments:

Post a Comment

Please tell me what you think.