VANCOUVER — The widespread blackout that struck the East coast last week is a wake-up call highlighting the vulnerability of North America’s power grid to cyber attack, according to a Canadian researcher.
Given the information he’s seen so far, Eric Byres admitted it is unlikely the blackout
was cyber-related. But Byres, research team leader at the British Columbia Institute of Technology’s Internet Engineering Lab, said the way a small problem at one power plant seems to have cascaded across the East Coast shows possible hackers and terrorists the potential of a cyber attack.
“”People watching with less them warm and fuzzy thoughts about Western society will be saying ‘Wow, here’s a way we can get a lot of bang for our buck,'”” Byres said. “”Whether they’re sophisticated enough to do anything about it remains to be seen.””
Byres said cyber-security has been an issue for utilities since 1997, when a U.S. government study found basic security flaws in the computer systems controlling generators, switching stations and electrical substations. Operational networks controlling critical parts of the power grid could be accessed through the utilities’ corporate LANs.
While it’s difficult to say how vulnerable the system really is, Byres said Canada has generally done a pretty good job of building safeguards and securing its systems from cyber attacks, holding monthly meetings with each other to share information and ideas. However, he said American utilities are lagging on this front, and that’s putting the Canadian grid at risk.
“”In the U.S., I think they’re behind the times a bit,”” Byres said. “”They’re moving in that direction, but it’s maybe not fast enough. There’s still also a lot of doubt, a belief that it can’t happen here.””
Despite Canada’s progress securing its systems, because of the interconnection of the North American power grid Canada is still vulnerable. The way last week’s blackout cascaded easily across the border demonstrates that.
“”Clearly, what happened last week, despite some finger pointing, wasn’t our fault,”” Byres said. “”Yet Toronto still paid the price. The same thing is true in terms of vulnerability to cyber attack.””
Byres points to the Slammer work attack in January. Although it was aimed strictly at SQL servers, Slammer managed to shut down power distribution systems in both the U.S. and Canada. It didn’t directly attack the systems, but it got into routers that were used for both the power grid and Internet access and was able to shut them down. This overlapping of equipment leaves the systems vulnerable.
“”There was a paper in England where a researcher showed that if you could get access to the transformer and relay systems, you could do a fair amount of damage,”” Byres said. “”And even if the hacker didn’t manage to get into the other systems cyber-wise, he could create such a local impact it could cascade and cause the kind of incident you saw last week.””
Several Ontario utilities, including Hydro One, did not respond to requests for interviews at press time.
BC Hydro has had a critical infrastructure protection team in place since April 2000 to guard against cyber attacks and other threats to the province’s power grid. Seiki Harada, security risk coordinator for BC Hydro, said the company mainly concerned with two types of cyber attack: external, and internal.
Externally, Harada said BC Hydro’s security measures follow the standards set by the North American Electric Reliability Council, an industry association dedicated to improving the reliability of the continent’s power systems.
The utility’s main computer systems are behind three layers of firewalls, and the systems are replicated so they can switch over to a back-up environment at a moment’s notice. The team also ensures all server and workstation patches are done within a reasonable time.
“”We’ve done a couple of vulnerability assessments, on both occasions done by third party consultants,”” Harada said. “”Each time you do a vulnerability assessment you find something weak, and we’ve been patching those right away.””
The other threat Harada’s team is guarding against is from within the system. It could be a disgruntled former employee or a former contractor, someone with inside knowledge of the company and it’s systems.
“”We have a number of Intelligent Detection System nodes active within our system,”” Harada said. “”It surveys the types of activities happening on the servers and the networks, and applies an artificial intelligence to see if there are any anomalies.””
Harada said it’s difficult to really difficult to say how vulnerable their systems are to a cyber attack. But through meeting regularly with their counterparts at other utilities to exchange information and share ideas, and following the standards laid down by NERC, Harada said BC Hydro is actively working to make it’s systems as secure as possible.
“”I’m generally aware of what Canadian utilities are doing, and I’d say we’re in about the middle of the pack,”” Harada said.