Blackout: Wenn Hacker den Strom abschalten

Dieser Blog Post dient als Hintergrundartikel zum SRF Thementag «Blackout»: Wenn die Schweiz plötzlich keinen Strom mehr hätte vom Montag, 2. Januar 2017, 13.00 bis 22.00 Uhr (SRF News, SRF Kultur Wissen Beitrag)

blackout

Wie ist die Vorgehensweisen von Hackern, die unerlaubten Zugriff auf fremde Systeme erlangen wollen? — beispielsweise im Netzwerk eines Energieversorgungsunternehmens. Basierend auf diesen Muster hat die Compass Security im Rahmen des SRF-1 Blackout Tag gearbeitet. Der Artikel soll Sie sowohl für die Angriffsseite sensibilisieren, als auch wertvolle Tipps zur Abwehr geben.

Wer ist Compass Security

Compass Security ist eine Schweizer Unternehmung aus Rapperswil-Jona und Niederlassungen in Bern und Berlin die versuchen im Auftrag des Kunden die Sicherheit von IT Systemen zu testen. Man nennt diese Tätigkeit auch Penetration Testing oder Ethical Hacking. Im Grunde geht es darum Sicherheitslücken zu finden, bevor diese durch echte Hacker ausgenutzt werden. Wer sich regelmässig testen lässt, der wird massgeblich besser in der Cyber Abwehr.

Vorgehen bei einem Hacker Angriff

Direkte Angriffe

Direkte Angriffe richten sich unmittelbar gegen die IT-Infrastruktur eines Unternehmens. Typischerweise sucht ein Angreifer dabei nach Schwachstellen auf einem Perimeter System, dass ins Internet exponiert ist.
Direkte Angriffe

  1. Ein Angreifer versucht unerlaubten Zugriff auf interne Systeme zu erlangen.
  2. Der Angreifer, beispielsweise vom Internet her, sucht nach offenen Diensten die er möglicherweise für das Eindringen ausnutzen kann.
  3. Ein ungenügend geschützter Dienst erlaubt dem Angreifer Zugriff auf interne Systeme.

Indirekte Angriffe

Im Gegensatz zu direkten Angriffen, nutzen indirekte Angriffe nicht unmittelbar eine Schwachstelle auf einem ins Internet exponierten System aus. Vielmehr versuchen indirekte Angriffe die Perimeter Sicherheit eines Unternehmens zu umgehen.

Variante 1: Man-in-the-Middle / Phishing Angriffe

Indirekte Angriffe

  1. Ein Angreifer schaltet sich in den Kommunikationsweg zweier Parteien. Dies erlaubt ihm das Mitlesen sensitiver Informationen.
  2. Der Angreifer nutzt die erlangten Informationen um unbemerkt auf interne Systeme zuzugreifen.

Variante 2: Malware / Mobile Devices / W-LAN
Indirekte Angriffe

  1. Ein Angreifer infiziert ein Gerät mit Schadsoftware.
  2. Durch die Schadsoftware erlangt der Angreifer Kontrolle über das infizierte Gerät, welches Zugriff auf andere interne Systeme hat.
  3. Zusätzlich kann ein Angreifer über andere Zugriffspunkte ins interne Netzwerk gelangen, beispielsweise über unsichere Wireless-LAN Access Points.

Variante 3: Covert Channel (Inside-Out Attacke)
Indirekte Angriffe

  1. Ein Angreifer präpariert ein Medium wie USB-Sticks oder CD-ROMs mit Schadsoftware.
  2. Der Angreifer bringt sein Opfer dazu das Medium zu verwenden.
  3. Die Schadsoftware wird automatisiert ausgeführt und verbindet sich unbemerkt zurück zum Angreifer. Der Angreifer erhält die Kontrolle über das infizierte Gerät.

Sechs Tipps zur Abwehr

  1. Regelmässige Aktualisierung von Betriebssystem, Browser und Anwendungssoftware
  2. Schutz durch Verwendung von Firewall und Anti-Viren Software
  3. Verwendung von starken Passwörtern, sowie deren regelmässige Änderung
  4. Löschen von E-Mails mit unbekanntem Absender, Sorgfalt beim Öffnen angehängter Dateien
  5. Vorsicht bei der Verwendung von unbekannten Medien wie USB-Sticks oder CD-ROMs
  6. Regelmässige Erstellung von Backups

Wie kann Compass Security Ihre Firma unterstützen?

  • Penetration Tests: Simulation von Angriffen mit oder ohne Insider-Wissen
  • Security Reviews: Überprüfung und Analyse von Systemen und Konfigurationen
  • Incident Response: Unterstützung während und nach Angriffen
  • Security Trainings: Ausbildung und Sensibilisierung

Gerne prüfen wir, ob die Zugriffe auf Ihre wichtigsten Systeme sicher sind!

Referenzen

Unter folgenden Referenzen finden Sie Tipps und Anregungen zu häufig gestellten Fragen.

Grid, gridder, smart grid

This post will briefly introduce the major aspects and goals of smart grids. For those not familiar with electrical grids, have a look at the former post for a quick intro. This article aims to describe the challenges and requirements smart grids are dealing with. Moreover, the need for an intelligent measurement network – the advances metering infrastructure (AMI) will be outlined

Some electricity industry body defines the smart grid as follows: “A Smart Grid is an electricity network that can intelligently integrate the behaviour and actions of all users connected to it -generators, consumers and those that do both – in order to efficiently ensure sustainable, economic and secure electricity supply. ” [1]. The definition clearly refers to the challenging dynamics of renewable energy resources (RES) whose generation heavily relies on the fluctuate availability of sun light, wind or maybe tides. Unfortunately, it less clearly addresses changes in behavior whereby the smart grid should not only be capable to react on actions but should also directly or indirectly influence consumption behavior.

There have been six major characteristics [2, 3] identified. These characteristics describe the key benefits of a smart grid. The reference even provides additional detail on the characteristics:

  1. “Enables Informed Participation by Customers 
  2. Accommodate s All Generation & Storage Options 
  3. Enables New Products, Services, & Markets 
  4. Provides Power Quality for the Range of Needs 
  5. Optimizes Asset Utilization & Operating Efficiency 
  6. Operates Resiliently to Disturbances, Attacks, & Natural Disasters ”

The upper halve of the characteristics is probably the most interesting from a retail customers view. However, the thesis I am currently working on will map to the part “Operates Resiliently to Disturbances, Attacks” of item six.

For the smart grid the basic electrical grid in the former post is enriched with new elements. The basic domain structure persists but an additional domain hosting distributed generators and distributed storage devices have been added to the smart grid blue print shown in the below figure.

The newly introduced domain hosts all sort of distributed energy resources (DER) such as generators and storages. The blueprint introduces a small wind park which contributes to the distribution domain and a PV installation with rechargeable batteries as buffer storage, Moreover, a freezer and an electrical vehicle (EV) were added to the consumer domain. Actually, the EV is not only a consumer but may also contribute to the grid as a storage in peak times. Its not the single items which are challenging for the grid but its the masses which require for more ‘smartness’. Small systems could also be grouped and centrally managed as a combined power plant to form a steady power resource. A more detailed view on improvements in the transmission and distribution domains with focus on security is given in [4].

Smart Grid Security

Thus, to ensure reliability of the grid the DSO and TSO must ensure that the power consumed and the power generated stays balanced otherwise efficiency and power quality (PQ) suffer. Unfortunately, poor PQ may quickly result in damaged consumer devices. To avoid such scenario, live information and detailed statistics of the consumer behavior, of generators capacity and of storage capacity is needed. Moreover, the operator will need to smartly attach or detach generators and consumer devices (EV) to their local storage or to the grid according to the power needs. The management of the grid balance is also known as demand-response. As good it sounds, management of so many components is much more complex and the recovery of a failure will demand for a controlled re-launch of DERs and bulk generators simultaneously at both ends of the grid. Additionally, dynamic-pricing or real-time pricing (RTP) or critical peak pricing (CPP) could help to reduce peak loads and would result in lower demand-response efforts. For real-time pricing, consumers will be kept informed on the current power rates. Consumers could then decide on whether to run heavy loads at the current pricing.

Hence, reporting consumption and switching loads will require a bi-directional channel being established between operator and consumer. The channel would then allow for delivery of detailed measurement from the consumer and DG side to the operators. Furthermore, it would enable the operator to actively manage DER and to push real-time information to the consumer facilities. The equipment and network necessary is known as the advanced metering infrastructure (AMI). I will provide a closer look to the AMI in upcoming posts. Stay tuned.

In order to securely operate smart grids, NERC (North American Electricity Reliability Corporation) and ENISA (European Network and Informations Security Agency) have prepared appropriate recommendations [5,6].

[1] EURELECTRIC, Smart Grids and Networks of the Future, 201, http://www.eurelectric.org/Download/Download.aspx?DocumentID=26620
[2] U.S. Department of Energy (DOE), 2009 Smart Grid System Report, 2009, http://www.doe.gov/sites/prod/files/2009%20Smart%20Grid%20System%20Report.pdf
[3] U.S. Department of Energy (DOE), 2010 Smart Grid System Report, 2012, http://www.doe.gov/sites/prod/files/2010%20Smart%20Grid%20System%20Report.pdf
[4] G. N. Sorebo and M. C. Echols, Smart Grid Security: An End-to-End View of Security in the New Electrical Grid, CRC Press, 2011, ISBN 978-1-4398-5587-4
[5] NERC Reliability Standards, http://www.nerc.com/page.php?cid=2%7C20
[6] ENISA Smart Grid Security Recommendations, http://www.enisa.europa.eu/activities/Resilience-and-CIIP/critical-infrastructure-and-services/smart-grids-and-smart-metering/ENISA-smart-grid-security-recommendations

Introduction to the Electrical Grid

When it comes to industrial control systems (ICS) specifically to supervisory control and data acquisition (SCADA) then a basic unterstanding of the business is crucial. In the curse of my master thesis I am currently digging into parts of the electrical grid and try to examine the issues and security level of some specific protocols. Thus, I will regularly keep you posted on grid aspects over the next two months

For a starter, this article shall give a short introduction into electrical grids in general. It aims to introduce general terms and to state the difference between the former electrical grid architecture and the smart grid. Additionally, paradigm changes and challenges [1] to the current grid will be pointed-out and the conclusion will include some reasoning for a more flexible architecture – the smart grid.

Electrical grids consist of power plants that create electricity from some form of energy. They consist of towers and poles that hold wires to transport the electricity and finally make it available to the consumer. The figure provides an overview how these facilities are logically grouped into four major electric grid domains. The domain concept is not entirely new and was similarly outlined in a description of cyber security on the essential parts of the smart grid [2].

Generator domain; includes all sort of bulk power generation plants such as nuclear reactors, fossil fuel (coal or gas) plants as well as hydroelectricity plants. Typically, these are power plants that can continuously generate electricity of several hundred million watts (MW).

Transmission domain; represents the long-distance transmission network components. This includes components such as large interconnection nodes, substations and of course, cables either mounted on towers or buried underground. Electrical lines at this domain normally work on very high voltage. The voltage for that size of transmissions networks is  several hundred of thousand volts (kV). Among Europe typically values are 230kV and 400kV. Traditionally, the domain is under control of the transmission system operator (TSO). In some countries a national body or a super body of utilities operates that domain.

Distribution domain; provides the whole infrastructure to bring power to the end user (consumer). The domain also includes transformer equipment which is necessary to reduce the voltage as power is transported to the consumer. Bulk consumers typically get their power at higher voltages, for example 16kV, then common house holds for which 230 Volts and 400 Volts present common values. The domain is manged by the so-called distribution system operator (DSO).

Consumer domain; groups all sort of consumers. The industries as well as household regardless of the amount of consumption and the consumer geographic location.

The four domain model gives a good introduction into the basic concept of an electrical grid but it does by no means appreciate the full detail of the electrical grid nor does it fully model the energy flow. Due to the liberalization of the power market the generation domain is not exclusively subject to large utilities anymore. For example, consumers may want to invest into renewable energy such as photo voltaic (PV) equipment in order to cover their own power consumption and to supply current out of surplus production to others. Thus, “consumers are becoming producers or producing consumers – prosumers” [3].

Comparable changes also apply to the distribution domain. Local utilities more frequently setup own facilities to generate power which will be feed-in directly at the distribution level at high voltages. Distributed generation (DG) is nothing new to grid operators and utilities as it was already discussed in literature [4] in 2001. The referenced book [4] does also introduce several forms of generators and does recognize the technical and financial impact of distributed generation to the grid. The reader will find information on combustion turbines, PV systems, micro turbines, fuel cells, combined heat and power as well as background information on grid operations with distributed generation and storage. However, security relevant aspects are not being discussed.

Since 2001 distributed power generation significantly emerged due to renewable energy got political attention and national funding [5]. These fundings do not only focus on large installations but also take small generators in home scale into account. Meanwhile, distributed generation has taken off and demands for advances in measurement and operations of the electrical grid. Only the introduction of additional information technology (IT) will allow to coordinate all generators, storages and consumers and thus to ensure efficiency and reliability of the grid.

A functional and reliable grid is evident for a country’s stability. Therefore, governments provide guidance in form of critical infrastructure protection (CIP) programmes [6,7] and in form of written recommendations [8,9] on how to securely operate the IT stuffed new generations of grids.

References
[1] European Commission, Energy Efficiency Plan, 2011
[2] United States of America, H.R. 6582: American Energy Manufacturing Technical Corrections Act, 2012
[3] P. Hasse, Smartmeter: A technological overview of the German roll-out, 29th Chaos Communication Congress, Online http://events.ccc.de/congress/2012/Fahrplan/events/5239.en.html, 2012
[4] A. Borbely and J.F. Kreider, Distributed Generation: The Power Paradigm for the New Millenium, CRC Press, 2001, ISBN 0-8493-0074-6
[5] European Commission for Energy, Financing Renewable Energy in the European Energy Market, 2011
[6] North American Electric Reliability Corporation (NERC), http://www.nerc.com/
[7] Federal Office for Civil Protection (FOCP), The Swiss Programm on Critical Infrastructure Protection, Nov 2010, Online http://www.bevoelkerungsschutz.admin.ch/internet/bs/en/home/themen/ski. parsysrelated1.82246.downloadList.18074.DownloadFile.tmp/factsheete.pdf
[8] NIST Cyber Security Coordination Task Group, Security Profile for Advanced Metering Infrastructure, v2.0, June 2010
[9] ENISA, Smart Grid Security: Recommendations for Europe and Member States, July 2012, Online http://www.enisa.europa.eu/activities/Resilience-and-CIIP/critical-infrastructure-and-services/smart-grids-and-smart-metering/ENISA-smart-grid-security-recommendations/at_download/fullReport

Note, this work is a preview version of an MSc Information Security dissertation in the fields of electrical grids.