Securing the power grid

The nation’s power grid is susceptible to attacks from hackers and network manipulators

In recent weeks, reports have surfaced regarding the lack of security in the nationâÄôs power grid. Critical operations at power plants âÄì both nuclear and otherwise âÄì have been found to be IP-based, making them available through the Internet. This method has proven to be more convenient and efficient for plant operators as they have had the luxury of commanding different operations from the comfort of their home. But with the efficiency and comfort has come a grave security risk, putting the nationâÄôs power plants at the mercy of hackers, both domestic and foreign. As technical director of national intelligence research at BBN Technologies Peter “Mudge” Zatko states in a recent article on CNET, âÄúItâÄôs on the Internet. This is terrifying.âÄù Modernization has brought other new technologies that offer worrisome risks as well. The new Smart Grid initiative, which is designed to adjust electricity flow to appliances in homes, is also at high risk due to the overall design of the system. The system, which is also Internet-based, is open to network manipulation, according to studies done by IOActive. The quick pace of modernization in the nationâÄôs power grid is backfiring. The basic security principals to which technology industries are accustomed have proven to be non-existent. Having critical operations connected to the Internet disobeys the most basic laws of network security. Never should a company, or in this case a country, have sensitive operations available online because they will always be manipulable by hackers, no matter how hard they try to secure them. Making a nuclear power plantâÄôs critical controls as accessible as a simple webmail account shows stupidity on all levels. But also troubling is how the up and coming Smart Grid relies heavily on the Internet as well, which will make it susceptible to potentially harmful protocol tampering and root kits. Ultimately, the only way the power grid will be safe is if its systems and servers are not connected to the Internet in any way, shape, or form. Taking computers that have the access to critical operations at plants totally off the Internet is the first, most crucial step to a more secure grid. But the Smart Grid is a more complicated issue because it needs the Internet for basic operations, and therefore, every effort will be needed to make sure it is as secure as can be from potential predators. This involves government resources to assure that the software that powers the upcoming Smart Grid devices will be ready for the day when America is attacked in cyberspace, an area where it currently stands defenseless.