
Hack of the US electric grid vs. EMP or CME

posted on Mar, 18 2019 @ 01:21 AM
A lot of emergency management in recent years has focused on damage to the US electric grid from an antagonist deploying an electromagnetic pulse weapon to cause the collapse of electric utility service. A sister threat comes in the form of a coronal mass ejection, a "solar storm" like the Carrington Event of 1859, which would disable satellite and utility services.

Yet in the process of reading up on EMP and CME, I have come to believe that Russia is developing the ability to disable the US electrical grid by hacking into the distribution network and shutting it down. Russian hacker teams repeatedly attacked the Ukraine grid, in tandem with the seizure of Ukraine territory in 2014. Several attacks on the US electric grid, as well as attacks on 9-1-1 emergency service, bore the fingerprints of Russian-led hacking.

How should preparing for a hack-attack on the electrical grid be different from preparations against EMP and solar storms?
edit on 18-3-2019 by Graysen because: (no reason given)



posted on Mar, 18 2019 @ 03:12 AM
a reply to: Graysen

Hurricane Sandy was a good practice. We lost power for a few days.

All good as far as you have the ability to obtain drinkable water, food and fire. Health conditions are a big issue. Learn about natural medicine.



posted on Mar, 18 2019 @ 05:21 AM
a reply to: Graysen

Based on some light reading I did, any part of the grid that is driven by a computer... yes, is at risk to a hack. However, the grid has a fail-safe structure. The entire grid is not hackable in one clean shot. It appears that would be a massive feat and it would require that insiders breach a lot of different facilities all at once and insert their hack device to try and take it down all at the same time. Basically it has several components; if one goes down, it is built to prevent an outage on other parts of the structure/grid. While it may be a huge problem if one area were to go down, it is built in sections to prevent a total outage.

leolady



posted on Mar, 18 2019 @ 07:23 AM


How should preparing for a hack-attack on the electrical grid be different from preparations against EMP and solar storms?


Air gap the EG, and retrofit with EMP-proof concrete.

www.engadget.com...

A simple solution to a complex problem.

That's why it will never be done.



posted on Mar, 18 2019 @ 08:20 AM
If we were to be attacked and shutting down the power grid was one of the main objectives, they wouldn't bother with a mere hacking attack. I believe that they would have to go for broke and use multiple atmospheric nuclear blasts to severely cripple the grid and communications.

No matter what the game plan was, they would use a number of methods together along with physical attacks including a "Red Dawn" style of invasion. It would be too risky to leave anything out due to nuclear retaliation and would be a balls out attack to do the most complete job possible.

Otherwise it will be a slow takeover from within, like the one that seems to be occurring right now. If they could cause enough division and infighting within our society, then focused hack attacks in the right place and time would be an effective ploy. If there was some kind of civil war or massive protests and riots, they could get a foot in the door with a pretext of helping us out while they send peacekeeping troops to bring order.

Of course a CME would be random and unpredictable, but useful if it happened to do the most damage to our hemisphere.
edit on 18-3-2019 by MichiganSwampBuck because: Typo



posted on Mar, 18 2019 @ 09:30 AM
a reply to: leolady

It wouldn't be a lot of different facilities, only one for each region, which is 18 at last count. NERC does have standards in place to try and enforce security controls as these are high impact BES targets; however, until they start increasing the fines they impose on non-compliance I don't see the landscape changing anytime soon. NERC CIP record fine: this is the record amount they've fined so far, which to an entity of that size is a drop in the bucket.

I would say the largest threat is supply chain and physical threats. Supply chain is the long game, get your piece of tech into the tech stack of enough companies and you now have a situation ripe for exploitation. The physical threat is even easier, there's a database of power plants out there publicly available with GPS and even Google maps pictures. Take enough folks and give them hunting rifles and have them start popping distribution equipment in the switch yards, the lead time on replacement on a lot of those things is in the time-frame of months.

No sophisticated attack or EMP needed, just a couple of hundred people with .308 or .30-06 rifles and congrats, you've disrupted generation and transmission enough to cause significant issues in a very low-tech way.



posted on Mar, 18 2019 @ 10:14 AM
a reply to: Hypntick

I would say the largest threat is supply chain and physical threats. Supply chain is the long game, get your piece of tech into the tech stack of enough companies and you now have a situation ripe for exploitation. The physical threat is even easier, there's a database of power plants out there publicly available with GPS and even Google maps pictures. Take enough folks and give them hunting rifles and have them start popping distribution equipment in the switch yards, the lead time on replacement on a lot of those things is in the time-frame of months.

Dang... just put ideas in scary folks heads why don't ya...

Yep, physical threats is kinda what I hinted at. Like actually being physically present at each location. It's kinda crazy that the info is readily available like you pointed out, GPS and maps and all of the locations... but that is just the times we live in now. Welcome to the age of information.

How do you suggest they tackle the possibility of an attack in this manner? Oh, they are, I suppose. We are already seeing the censorship of information starting; I suppose that is one way. Pros and cons to everything.

My inner mind thinks about the info readily available to the general public and I tend to think that the real way they are protecting the grid today is not going to be revealed or easily available information to find.

Your thoughts on the supply chain entry is something to consider as well. I believe i read up that they had already considered this potential too. The idea that something is already inserted and hiding and lying in wait to be utilized.

I just wonder...
Is the equipment and computers and technology being utilized the same at all of the locations? I doubt it. I would think budgets control each location's equipment and technology, so purchasing in that area would be different in another locale. OK, so who cares what brand name is on the equipment; I suppose you're suggesting it's the components inside of the equipment that are already infiltrated / hacked? Those components / programs would come from fewer sources? The "backdoor" loophole thingy comes to mind.

I still think it would be a difficult feat to accomplish over all and would need to be very organized. I've also read up on the drills that are done to consider possible scenarios that might occur during an attack on the grid, like an escape room, but in this case it is a drill with the actual employees at said facilities trying to bring the grid back up when and if an attack were to happen.


Certainly Interesting things to consider.

leolady



posted on Mar, 18 2019 @ 02:42 PM
a reply to: leolady

I obviously can't speak for everywhere, just my personal experience. Regarding the equipment utilized at various entities etc., I've seen that Allen-Bradley PLCs are probably the most common component found in any generating or transmitting location. Not saying that's the attack vector, but if I were a betting man that's where I would throw my money.

Supply chain security is just in its infancy right now, at least as far as OT/ICS is concerned. I've only seen it done right at a single company, which I can't name due to NDA reasons. However it is one of the highest recommendations that I make when doing audits and assessments of OT/ICS equipment, that and proper network segmentation.

All of this is FUD however until an actual attack occurs, which I only see in a total war scenario, because aside from causing discord and chaos what is the objective? At least as far as power generation/transmission and I would even say water treatment. You don't have the IP theft you find in manufacturing, you don't have the PHI of healthcare, PII you can pick up just about anywhere, and as far as ransom style attacks you're better off hitting something less flashy than a utility. The most likely cause of any type of "attack" on grid control systems is going to be from misconfigured systems on an unrelated network segment, such as a business network system getting ransomware and it spreading to a control network, which is what happened with NotPetya and Maersk (link to a really good story).

I will leave you with a sobering anecdote however. The very first time I stepped into a power plant, I showed up at the gate and was not asked my name, just who I was there to see. I gave the name of the plant manager (easily found via social media etc.) and was directed to visitor parking. I'm an average guy, average height, a little extra weight on me, jeans, boots, polo, hard hat in hand, safety glasses hanging from my shirt pocket and a set of ear plugs. I park, walk to the admin building, walk inside and there is no one there. A reception desk is in front of me, a sign in sheet, and a door to my left. I poke my head through the window to verify no one is in the office and see no one still. So I test the door to my left, it opens easily. At that point I call my point of contact on site, because less than 40 feet from where I could have entered was the entrance to one of the control rooms.

I know not all plants are the same, not all plants owned by one utility are the same, and to be fair that was a few years ago when I started OT/ICS cyber work. Unfortunately when I left that particular field to get back into regular enterprise cyber last year, I was still running into similar situations at other locations. It is better than it was, but there is still a very long way to go, and even then, an attacker is always one step ahead.
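The post above recommends proper network segmentation and points at ransomware crossing from a business network into a control network as the most likely failure. As an added example (not code from the poster or any utility), the script below audits a small, constructed set of firewall rules between an IT zone, a DMZ and an OT zone, and flags any allow rule that lets IT (or the whole internet) reach OT directly, with the lateral-movement services such as SMB and RDP called out as high severity. The zone address ranges, rule names, port list and the three-zone layout are all assumptions made for the example.

```python
"""Audit IT-to-OT firewall rules for permissive allows (added example).

Zone address ranges, the sample rule set and the service list are
constructed for illustration; substitute the real address plan.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed zone definitions (assumption: three flat zones).
ZONES = {
    "IT": [ipaddress.ip_network("10.10.0.0/16")],
    "DMZ": [ipaddress.ip_network("10.20.0.0/24")],
    "OT": [ipaddress.ip_network("10.30.0.0/16")],
}

# Services commonly used for lateral movement from a business network
# into a control network; an allow for these straight from IT is high risk.
LATERAL_SERVICES = {
    ("tcp", 135): "MS-RPC",
    ("tcp", 139): "NetBIOS session",
    ("tcp", 445): "SMB",
    ("tcp", 3389): "RDP",
    ("tcp", 5985): "WinRM",
}


@dataclass(frozen=True)
class Rule:
    name: str
    action: str            # "allow" or "deny"
    src: str               # source CIDR
    dst: str               # destination CIDR
    proto: str             # "tcp", "udp" or "any"
    port: Optional[int]    # None means any port


def zone_of(cidr: str) -> str:
    """Map a CIDR to a zone name; 'ANY' for 0.0.0.0/0, 'UNKNOWN' if unmapped."""
    net = ipaddress.ip_network(cidr, strict=False)
    if net.prefixlen == 0:
        return "ANY"
    for zone, ranges in ZONES.items():
        if any(net.subnet_of(r) for r in ranges):
            return zone
    return "UNKNOWN"


def audit_rules(rules):
    """Return (rule name, severity, reason) for every allow into the OT zone
    whose source is not OT itself or the DMZ/jump tier."""
    findings = []
    for r in rules:
        if r.action != "allow":
            continue
        src, dst = zone_of(r.src), zone_of(r.dst)
        if dst != "OT" or src in ("OT", "DMZ"):
            continue
        if r.proto == "any" or r.port is None:
            findings.append((r.name, "HIGH", f"{src}->OT allow-any"))
        elif (r.proto, r.port) in LATERAL_SERVICES:
            svc = LATERAL_SERVICES[(r.proto, r.port)]
            findings.append((r.name, "HIGH", f"{src}->OT {svc} ({r.proto}/{r.port})"))
        else:
            findings.append((r.name, "MEDIUM",
                             f"{src}->OT direct {r.proto}/{r.port}; should terminate in the DMZ"))
    return findings


# Constructed sample rule set (not from any real policy).
SAMPLE_RULES = [
    Rule("it-to-ot-smb", "allow", "10.10.0.0/16", "10.30.0.0/16", "tcp", 445),
    Rule("vendor-any-to-ot", "allow", "0.0.0.0/0", "10.30.5.0/24", "any", None),
    Rule("erp-to-historian", "allow", "10.10.50.10/32", "10.30.1.10/32", "tcp", 1433),
    Rule("jump-to-ot-rdp", "allow", "10.20.0.5/32", "10.30.1.0/24", "tcp", 3389),
    Rule("ot-to-dmz-historian", "allow", "10.30.1.10/32", "10.20.0.10/32", "tcp", 1433),
    Rule("ot-to-it-deny", "deny", "10.30.0.0/16", "10.10.0.0/16", "any", None),
]

if __name__ == "__main__":
    for name, sev, reason in audit_rules(SAMPLE_RULES):
        print(f"{sev:6} {name}: {reason}")
```

Against the sample rules this reports the IT-to-OT SMB allow and the internet-to-OT allow-any as HIGH, and the ERP-to-historian SQL rule as MEDIUM because it crosses straight from IT into OT rather than terminating on a DMZ relay; the RDP rule from the DMZ jump host and the OT-initiated flows are left alone. The same check can be run over an export of a real rule base once the zone ranges are filled in.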



posted on Mar, 18 2019 @ 04:56 PM
I am familiar enough with two particular systems to see their vulnerabilities.

The first is pipelines.
The pipelines from the West Texas/New Mexico production area have long ( multi-hundred mile) pipelines with pumping stations at each change in elevation. The pressure monitors and pumps are electrically powered, and connected by the internet of things to corporate offices in Houston or New York. Attacking their electrical supply would cut off many major cities from the bulk of their natural gas (Chicago), and deprive the refineries of Nola/Houston of their domestic raw material. Which would cause the international price of crude to skyrocket (of biggest help to the biggest two exporters, Saudi and Russia).

The second is electrical distribution sites at nuclear generating stations.
Any big generation project requires a fairly constant load. It takes many hours to bring a nuclear plant fully on or off-line. So in the heat of summer, during the work week, if one of those plants was disconnected from its load (the regional grid, plus distribution to other segments of the North American electrical grid), the nuclear reactor would be faced with a destructive surplus of power in the form of heat. In the moment of grid loss, the plant may have nearly a gigawatt of heat, and no place to dump it...



