Protecting Smart Grids From Cyberattacks and Compromises Should Be a Top Priority for any Utility, as Failure Could Cripple the Nation's Way of Life.
The public infrastructure is one of the most valuable assets of the United States and its citizens. Communications networks, roads, bridges, tunnels, rail lines, and electric power are the backbone of the nation; the very fabric that helps to ensure our way of life.
Damage to any of these infrastructures would be devastating, but damage to or failure of the electric power grid would be supremely tumultuous, as all of the other infrastructures that ensure the health of the nation rely upon electric power.
Without electricity, streetlights no longer shine, trains no longer run, phones no longer ring, drawbridges no longer raise and the list goes on. Simply put, without electricity, we are thrown back into the Stone Age.
The generation and distribution of power has become a very reliable service, with a majority of areas and energy consumers rarely experiencing outages. Normally, newer technologies would improve upon this, but in the energy market new technology may present a new dilemma: the opening of new attack vectors that could be used to drive failure of the systems.
Case in point is the latest innovation to hit the electric industry, known as the Smart Grid. For some, a Smart Grid is a solution to many problems—the technology leverages intelligent endpoints over Ethernet communications (sometimes routed via the Internet) to bring efficiency and control to the distribution and consumption of electric power. Thanks to the intelligence being built into electrically powered devices, substations and even generation plants, the savings and rewards often realized can be phenomenal.
However, it is that same intelligence that potentially elevates risk. Simply put, Internet-connected systems present a window of opportunity for compromise. For example, a nefarious individual could intercept or redirect Internet-borne commands on a Smart Grid and wreak havoc. Just imagine if a virus such as Stuxnet (which presumably set the Iranian nuclear program back years) were distributed to power stations or substations via a Smart Grid incursion. The results could be devastating.
With those worries in mind, the US Department of Energy, in conjunction with the US Department of Homeland Security, has developed guidelines to help protect critical assets. Many of those guidelines, as well as others set forth by the National Institute of Standards and Technology (NIST, Smart Grid Cyber Security Strategy and Requirements - NIST IR 7628), focus on encrypting and securing Smart Grid communications.
To ensure secure and trusted Smart Grid communications, certificate- and encryption-based security validated by third-party CAs will play a critical role.
Very much in the same way that ecommerce and other Web-based transactions and communication systems are protected by certificates and keys, they can also effectively protect Internet communications that support Smart Grids, thus hardening them against threats and attacks.
While the strategy of using certificates is well proven and a security best practice, recent history has shown that, if improperly managed, a dark side to certificates can emerge. Lessons from 2011 demonstrate that certificates can be falsified, compromised, destroyed or stolen—leading to devastating attacks and data breaches.
Nevertheless, those certificate failures cannot be blamed on the certificates themselves. The problem actually stems from the lack of proper management of the security instruments.
Improper certificate and key management that leads to security compromises is exemplified by some "worst practices" use cases.
Some organizations rely on simplistic, manual management techniques to keep certificates viable, keeping track of thousands with everything from spreadsheets to Post-it notes. This leads to unaccounted-for certificates and leaves weak and hackable certificates deployed on networks.
Other companies fail to track expiry dates, which leads to disruptive system outages. Many share certificate details across multiple IT employees, leaving them exposed to unauthorized and malicious activities. Other companies have been slow to react to CA failures, and many more do not have a contingency plan in place for when certificates or their issuers are compromised.
Sacrificing security in the name of business is another reason for critical alarm within environments that rely on certificates for security. Recent reports on the electric industry's critical infrastructure show that SSL certificate validity periods of as long as 30 years are being viewed as acceptable in the name of "business disruption avoidance." The hard truth is that over-extended validity periods are known to lead to incidents that result in costly breaches and disruptions, which are far more cumbersome than the practice of more frequent, scheduled certificate rotation.
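The worst practices above can be checked mechanically once the inventory leaves the spreadsheet. The following is an added example, not part of the original article: it audits a constructed CSV export, and the column names, hostnames and policy thresholds are all assumptions, since the article names none.

```python
import csv
import io
from datetime import date

# Constructed inventory rows, as a tracking spreadsheet might export them.
INVENTORY_CSV = """\
common_name,not_before,not_after,key_bits,owner
meter-head-end.example,2012-01-10,2042-01-02,2048,ops-team
substation-gw.example,2011-03-01,2012-03-01,1024,
scada-hmi.example,2011-06-15,2012-02-01,2048,alice;bob;carol
billing-api.example,2011-11-01,2012-11-01,2048,web-team
"""

# Assumed policy values; adjust to the utility's own rotation policy.
MAX_VALIDITY_DAYS = 730     # longest acceptable issued lifetime
EXPIRY_WARNING_DAYS = 30    # renew before this window closes
MIN_RSA_BITS = 2048         # smaller RSA keys are treated as weak


def audit(csv_text, today):
    """Return {common_name: [issue, ...]} for every certificate with findings."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        issues = []
        not_before = date.fromisoformat(row["not_before"])
        not_after = date.fromisoformat(row["not_after"])
        # Over-extended lifetime, such as the 30-year certificates described above.
        if (not_after - not_before).days > MAX_VALIDITY_DAYS:
            issues.append("validity-too-long")
        # Untracked expiry dates are what turn into outages.
        days_left = (not_after - today).days
        if days_left < 0:
            issues.append("expired")
        elif days_left <= EXPIRY_WARNING_DAYS:
            issues.append("expiring-soon")
        if int(row["key_bits"]) < MIN_RSA_BITS:
            issues.append("weak-key")
        # No owner means unaccounted for; several owners means shared custody.
        owners = [o for o in row["owner"].split(";") if o]
        if not owners:
            issues.append("no-owner")
        elif len(owners) > 1:
            issues.append("shared-custody")
        if issues:
            findings[row["common_name"]] = issues
    return findings


if __name__ == "__main__":
    for name, issues in audit(INVENTORY_CSV, date(2012, 1, 15)).items():
        print(f"{name}: {', '.join(issues)}")
```
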
Because digital certificates and encryption keys will continue to be used to protect Smart Grid communications, utilities need to pay close attention, look at why certificate failures have happened in the past, and take proactive steps to reduce the risk of a successful certificate-based attack. While the DOE, DHS and NIST have put significant effort into educating utilities on how to secure Smart Grids, the utilities themselves need to take responsibility for their security, as rules and regulations aren't what halt attacks; effective security and management processes do.