Greentech Lead America: A recent McAfee report warns that
electrical power grid is vulnerable to targeted attack.
A cybercriminal could debilitate a major city by a single
targeted attack on the energy grid and compromise anything from the lights and
appliances in homes, to heart monitors in hospitals, to air defense systems,
the report said.
The report, “Getting Smarter About Smart Grid Cyber
threats,” emphasizes the need to build security into these critical systems.
The most prevalent cyber threat reported by the global
energy sector is extortion, the report said. Criminals gain access to a
utility’s system, demonstrate that they are capable of doing damage, and demand
a ransom. Additional threats include espionage and sabotage all with the goal
of financial gain, data theft and shutting down facilities.
“Security needs to be built into grid components at
the planning and design phase,” said Tom Moore, vice president of Embedded
Security at McAfee. “Because the grid relies heavily on embedded systems
it makes them ripe targets for intruders thus it is imperative to integrate
security solutions natively in these devices. McAfee
is working with its partners in industry and government to make great strides
on the technical front to mitigate the threats to these critical systems we all
rely on.”
Automation of the grid — moving systems from a manual
process to one that is internet connected — is another major cause of grid
vulnerability. Though it gives energy grid operators real-time info and allows
administrators to telecommute and field workers to re-program systems from
remote locations through their smartphones, it opens the systems to the outside
world.
One of the most alarming causes of grid vulnerability is
the increasing interconnection of embedded software and devices directing the
flow of energy. These built-in computers are the prime targets of intruders
seeking to gain control of or disrupt the delivery of energy.
The report suggests the need to undertake
well-intentioned efforts to modernize energy distribution and make it safer,
cleaner, more efficient, less costly, and open to more alternative forms of
production. McAfee thinks an estimated 70 percent of the existing energy
grid is more than 30 years old.
McAfee Embedded Control prevents unauthorized changes to
devices to make them resilient to malware infections and attacks. To mitigate
vulnerabilities and prevent attacks, McAfee addresses endpoint, network, and
data security within the grid as part of a cohesive security solution.
S&C teams with McAfee to enhances security of smart grid
controls
Earlier this year, S&C Electric Company, a provider
of electric power systems equipment, collaborated with McAfee to bundle
application control software from McAfee into S&C’s PC-based control
platforms. This bundling will help S&C enhance the security and protection
of its control platforms.