Smart Grid & Cyber Security - Georgetown Digital Commons

Jayant Gandhi
Smarter Grid, Smarter Attacks
Cyber threats to a US smart grid and what can be done
Electricity is one of the most fundamental necessities for modern life. It is something we
all use every day and whose absence causes great distress. This holds true especially in the US.
However, since 1982, peak demand in the US has grown faster than transmission capacity
by almost 25% every year.[1] Combine this with the fact that the US electrical utility industry
spends less than 2% of its revenues on R&D (much less than any other innovation-based
industry) and you end up with an electrical grid in dire need of modernization.[2] The original grid
was designed with only one goal: reliability (keeping the lights on). Of course, now we have
developed other concerns such as energy efficiency, environmental impacts, and even customer
choice. Reliability, too, has become an issue as the past decade saw three major blackouts in the
US including the most massive blackout in US history, the Northeast blackout of 2003, resulting
in an estimated $6 billion economic loss.[3] The proposed solution to bring the grid into the 21st
century is to use information technology to allow for better communication across the grid that
would increase efficiency and reliability; this is known as a smart grid.
The financial benefits of a smart grid were the first to draw attention to the technology.
Even though the initial investment is very high the rewards are even higher. The Electric Power
Research Institute estimates that in order to modernize the US grid a total investment of about
$476 billion is required over the next 20 years, but would lead to about $2 trillion in savings.[4]
[1] “The Smart Grid: An Introduction. How a smarter grid acts as an enabling engine for our economy, the
environment, and our future.”; DOE; p. 6
[2] “2012 Global R & D Funding Forecast: Industrial R & D—Energy”; Martin Grueber
[3] “The Smart Grid: An Introduction. How a smarter grid acts as an enabling engine for our economy, the
environment, and our future.”; DOE; p. 12
[4] “U.S. smart grid to cost billions, save trillions”; Scott DiSavino
This has proven incentive enough for the major technology firms (Google, Toshiba, etc…) to
begin investing in smart grid technologies that will provide the foundation for the US
modernization of the grid.
The benefits of having a smart grid system implemented across the US are quite
remarkable. The Department of Energy (DOE) lists eight main qualities that a smart grid will
bring. The smart grid is intelligent; it can autonomously prevent or mitigate potential outages. It
is efficient and quality focused; communication between consumer and producer enables
advanced routing of energy that can meet increasing demand without the need for increasing
production and provide it in a consistent manner required by modern electronics. It is
accommodating of all input energy sources, which, when savings from efficiency are added,
creates a greener grid. It motivates consumers to make choices based on price or environmental
concerns. It can lead to new economic opportunities by allowing increased computerization. And
its decentralized nature makes it more resilient to attacks and natural disasters.[5] These are all
highly desirable traits, but they do not tell the full story of the smart grid.
A smart grid would indeed increase the reliability of the grid. In fact, a smarter grid could
have been instrumental in preventing the cascading effect that led to the 2003 blackout which
originated from a computer bug in Ohio. However, while the decentralized nature of a smart grid
with its plethora of nodes that reroute power works wonders in the event of a natural disaster or
physical attack, it opens up the grid to a new kind of attack: cyber-attacks. In the event of a
cyber-attack, that same decentralized nature that allows a smart grid to quickly and efficiently
respond to surges or sags in the grid and the two-way communications used to create an efficient
distribution of power become the enemies of the grid. The increase in the number of access
points and routes for an attack to travel on makes a smart grid very susceptible to an attack from
cyberspace.
[5] “The Smart Grid: An Introduction. How a smarter grid acts as an enabling engine for our economy, the
environment, and our future.”; DOE; p. 17
Cyber-attacks can often seem benign since they exist on a separate plane from us,[6] but
they present a real threat to US national security. As the grid currently stands, an enterprising
terrorist organization could theoretically cause immense damage by creating blackouts worse
than the one seen in 2003. An aggressive nation could do the same and even use it as a prelude to
war. Smart grids give more access and thus more opportunities for these attacks and can even
amplify the effects. Of course a smart grid would not be sitting there unprotected waiting for any
evildoer to press a button and cause chaos. But what exactly would be needed to ensure a
protected grid? Because of the large assortment of technologies used to make a smart grid there
is no silver bullet solution. Instead, a safe smart grid requires not only heavy investment in the
infrastructure to provide the services, but also a huge investment in the information security
industry that will have to grow alongside the smart grid and is guided by both private industry
and the government.
Cyber threats are not new with smart grid systems; they already present a real threat to regular
grids.[7] The US grid has already suffered several intrusions by foreign entities in the past few
years. The chief antagonists thus far have been Russia and China, who, according to US
intelligence, have attempted to map the US electrical grid in order to probe for weaknesses, in
some cases going so far as to leave behind pieces of malware (malicious computer code with the
intent of causing damage) that could be activated to disrupt the grid.[8] While none of this code
has been activated, nor is it evident that either country successfully completed their maps, the
fact that two countries with which US relations can be somewhat tumultuous have made it so far
into our critical infrastructure is startling.
[6] We inhabit the physical realm, cyber-weapons the cyber realm, but the interconnectivity of these two realms has
been increasing with the spread of computerized technologies.
[7] I draw a line here between a true smart grid, which features widespread usage and dependence on information
technologies, and our current grid which contains some information technologies, but not in the integrated and
comprehensive manner of a true smart grid.
[8] “Electricity Grid in U.S. Penetrated By Spies”; Siobhan Gorman
The cyber security of the current grid is such that it does not even require the resources of
a state to cause damage. Joe Weiss of Applied Control Solutions LLC, a security consulting
company based in California, estimates that a terrorist organization could potentially use
cyber-attacks to disable transformers, resulting in a blackout that could last 9-18 months.[9] For
comparison, the August 2003 blackout that caused over $6 billion in economic loss and at least
eleven fatalities only lasted four days, with power being restored incrementally throughout that
time. Now, the 9-18 months figure may be a bit exaggerated (a security firm has an interest in
making situations seem more dire than they are), but if a terrorist attack could even manage to
disrupt service for a month, that damage would be incredible.
The situation becomes even gloomier when one examines the current relationship between
spending and effectiveness in cyber-security for US energy companies. A Bloomberg survey of 21
US energy companies found that they spent an average of $45.8 million a year on cyber security
and were able to defend against 69% of known cyber-attacks on their systems.
Estimates provided by these companies state that an increase of about $25 million in annual
spending on cyber-security could improve their defense to 88%, but in order to get to 95% they
would have to spend a total of $344.6 million per year, which is way too much for any one
company to spend. The reason for this sharp increase in spending is due to the even sharper
increase in the complexity of attacks. Most of the attacks deflected are simple in design and
usually carried out by bots (automated computers), so the percentages can be misleading. It is
also this upper echelon of complex attacks that poses the greatest risks to the grid. To make
matters worse, if an attack were to occur and damage critical hardware there is an issue of
whether or not we have enough replacement parts in supply to quickly repair the system.[10] So far
we have been lucky and a large scale attack has been avoided, but it seems like only a matter of
time before that luck runs out.
[9] “Power-Grid Cyber Attack Seen Leaving Millions in Dark for Months”; Brian Wingfield
The cyber-security issues prevalent in the current grid are not resolved by the introduction of
smart grid technologies; instead, new vulnerabilities are added to the grid. Of these new
vulnerabilities, perhaps the most salient is the aforementioned increase of entry points for a
would-be attacker. In order for a smart grid to function efficiently it needs to be able to
facilitate communication between sectors. As this interconnectivity increases, the options for
point of entry for an attack increase as well. The network described in figure 1 is the proposed
model for what the US smart grid would look like according to the National Institute of Standards
and Technology (NIST).[11] The most striking feature of the model is the number of connections
between different domains of the smart grid. Each of these domains, or nodes, serves as a
possible entry point for a cyber attack. By gaining entry to one of these nodes an attacker can
move from one to another, spreading malicious code on the way.
[Figure 1: the NIST model of the US smart grid, showing the connections between its domains]
For example, consider an attack originating from the customer node. This is perhaps one
of the most troubling entry points because it would make every household and business on the
grid a potential threat. According to IOActive, a cyber-security firm, it would only take about
$500 worth of equipment in the right hands to manipulate the smart meters in a household to
gain access to the grid and cause disruptions from there.[12] Depending on the level of complexity
of the group perpetrating the attack, the effects could range from mild fluctuations in grid service
to regional blackouts. And monitoring such activity in private residences could prove difficult if
not impossible. This is not the only risk brought on by the interconnectivity of the smart grid.
[10] Ibid.
[11] “Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security: The Smart Grid Interoperability Panel
Cyber Security Working Group”; NIST; p. 11
In addition to granting a cyber-terrorist or rival nation access to more avenues of attack,
the high level of connections between the different domains of the smart grid can create the
perfect environment for cascading failures. A cascading failure is what happened in the 2003
blackout where one failure led to another, which, in turn, led to another, and so on. What makes
a cascading failure in a smart grid different is the number of steps taken. In 2003 the cascade
effect within the computer systems started with the failure of one alarm system, which then
caused the back-up server to fail due to the number of unprocessed events queued. This kept the
teams monitoring the grid in the dark so that they had no idea there was any danger.[13] The rest of
the cascade effect was caused by one power system failing after another, but it all stemmed from
that original lack of information. In a smart grid, however, the cascade effect would not be
limited to one system since different systems are connected to other relevant ones. The failure
would go from one system to the next, which would increase the amount of repairs needed to be
done in order to bring the grid back on line. By dragging out the repair time you drag out the
duration of the disruption of service and increase the damage done.
Blackouts are not the only threat to a smart grid. If an attacker wanted to cause damage
without inducing a blackout they could achieve their goal by manipulating the quality of the
electricity being passed through the grid. Causing surges in the grid could damage unprotected
electronic equipment. High-end electronics, which are the most susceptible to such an attack, are
often hard and expensive to replace. Such sabotage could be targeted in a smart grid, granting the
attacker a precision weapon.
[12] “Report: Spies hacked into U.S. electricity grid”; Martin LaMonica
[13] “Software Bug Contributed to Blackout”; Kevin Poulsen
The two-way flow of information between consumer and producer means there is a
potential for the compromise of data confidentiality. Producers in a smart grid will have to gather
extensive data on their consumers’ preferences, habits, and other personal information. A hacker,
by gaining access to the grid, can gain access to this information. While this is not as dire or
destructive as a blackout or as costly as precision surge attacks, it is still a real threat to the
consumer and can be used to aid further illicit activities. For example, by figuring out when a
household’s thermostat adjusts itself throughout the day, an intrepid criminal could figure out
when the house is empty and then burglarize the house.
Another vulnerability of a smart grid comes from its complexity. The magnitude of
complex networking and coding that goes into creating a large smart grid to serve a country like
the US increases the chance for bugs in the code to be buried deep where they will not be found
until they cause an error. It also means that logic bombs (malware that only triggers once a
specific condition is met) can be hidden deep throughout the code of the smart grid as well. The
former is not an act of cyber-terrorism or warfare (it is human error), but it is still capable of
inflicting damage.
Clearly there are a lot of vulnerabilities inherent in a smart grid and the current US
industry average of fending off 69% of attacks is not going to cut it when a single attack can
cause massive damage. So what steps are we taking to ensure that as we update our grid we
maintain its security?
The NIST and the DOE have been collaborating in order to develop a roadmap to achieve
a secure smart grid. Together they have outlined six barriers to having a secure grid and five
strategies to deal with these barriers.
Barriers:
- Cyber threats are unpredictable and evolve faster than the sector’s ability to develop and
  deploy countermeasures
- Security upgrades to legacy systems are limited by inherent limitations of the equipment
  and architectures
- Performance/acceptance testing of new control and communication solutions is difficult
  without disrupting operations
- Threat, vulnerability, incident, and mitigation information sharing is insufficient among
  government and industry
- Weak business incentives for cyber-security investment by industry
- Regulatory uncertainty in energy sector cyber-security
Strategies:
- Build a culture of security
- Assess and monitor risk
- Develop and implement new protective measures to reduce risk
- Manage incidents
- Sustain security improvements
The goal is that, by 2020, the US will have a functioning smart grid that can survive a
cyber-attack without losing any critical functions.[14] Each of these strategies seeks to address
one or more of the issues plaguing cyber-security in the energy sector and they are all contingent
on an increase in the information security industry.
[14] “Roadmap to Achieve Energy Delivery Systems Cybersecurity”; DOE; p. 5
Creating a culture of security, while a somewhat nebulous sounding strategy, addresses
the weak incentives for investment by industry and the problem of information sharing. As
mentioned earlier, the cost of maintaining an efficient cyber-security program is too high for
an individual company to bear alone. The DOE suggests that a culture of security would lead to a
significant increase in the number of information security experts employed by the industry. To
reach this end, an educational campaign, led by industry-government cooperation, which
promotes better security awareness, must be implemented. Companies are not alone, as one attack
can spread from company to company causing damage. Additionally, NIST found that the cost of
mitigating a vulnerability late in development is up to 30 times more expensive than if the
vulnerability is caught at the beginning or early on.[15] Creating an industry culture where high
security standards are expected requires the hiring of skilled information technology workers.
Assessing and monitoring risk deals with increasing communication within the industry
and the constantly changing nature of cyber threats. By creating standards and metrics to be used
in each subsector of the industry it becomes easier to track vulnerabilities. Catching these
vulnerabilities before they are exploited helps security experts catch up to the cyber-aggressors
who, one must assume, have already found the vulnerability.
The DOE and the NIST recommend a “Defense-in-depth” strategy when it comes to
developing new measures to reduce risk. This strategy is designed specifically to respond to a
security landscape that is constantly evolving. The basic idea is that security should be applied in
layers, with each layer being made up of one or more security measures. For example, a firewall
could make up one layer of a node’s defense, but if that is circumvented the intruder would now be
subject to a layer containing intrusion detection and anti-virus software.[16] While not a completely
novel concept (many personal computers feature both a firewall and anti-virus software), applying
it to each node in the smart grid network provides extra layers that would, at the very least,
slow down an attack, allowing an effective response to be mounted.
[15] Ibid p. 28
The most important of these strategies, though, is mitigation of damage once an attack
has begun. This would ideally be achieved through a combination of automated systems designed
to reroute power and isolate “infected” areas of the grid in the event of an attack and teams of
information security experts working in tandem with engineers to limit the damage caused.
Mitigation is never the ideal solution, but it is the most crucial when setting up cyber defenses
for the smart grid.
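The cascade argument made earlier (one failed monitoring system flooding the next) and the automated isolation described here as mitigation can be sketched in a small simulation. This is an added example, not code from the paper, the DOE or NIST; the node names, queue capacities and the rule that a failed system's backlog is replicated to every connected peer are constructed assumptions of the toy model.

```python
"""Toy cascade model (added example; not from the paper, DOE or NIST).

Every monitoring or control system is a node with an event-queue capacity.
When a node fails, its unprocessed backlog is pushed to every neighbour that
is still running (the 2003 pattern: the failed alarm system's queue overwhelmed
the back-up server). A neighbour whose queue overflows fails in turn.
Assumptions of the model: the backlog is replicated to each live neighbour, and
a node on the 'isolate' list sheds the incoming flood instead of failing (an
automated isolation step standing in for the mitigation the paper describes).
"""
from collections import deque


def build_neighbours(edges):
    """Undirected adjacency map built from (a, b) links between systems."""
    neighbours = {}
    for a, b in edges:
        neighbours.setdefault(a, set()).add(b)
        neighbours.setdefault(b, set()).add(a)
    return neighbours


def simulate_cascade(edges, capacity, load, initial_failure, isolate=()):
    """Return the sorted list of failed nodes once the cascade settles.

    capacity: node -> maximum events the node can hold before it fails
    load:     node -> events already queued (constructed sample numbers)
    isolate:  nodes that refuse a failed peer's backlog, so the cascade stops
    """
    neighbours = build_neighbours(edges)
    queued = dict(load)
    failed = {initial_failure}
    todo = deque([initial_failure])
    while todo:
        node = todo.popleft()
        backlog = queued[node]
        for peer in neighbours.get(node, ()):
            if peer in failed or peer in isolate:
                continue  # already down, or it drops the flood and survives
            queued[peer] += backlog  # whole backlog lands on every live peer
            if queued[peer] > capacity[peer]:
                failed.add(peer)
                todo.append(peer)
    return sorted(failed)


# Constructed sample: every system holds 100 events and already has 60 queued.
CAPACITY = {n: 100 for n in ["alarm", "backup", "console", "scada", "meters", "market"]}
LOAD = {n: 60 for n in CAPACITY}

# 2003-style layout: the alarm server only talks to its back-up and the console.
CONVENTIONAL = [("alarm", "backup"), ("backup", "console")]

# Smart-grid layout: the same systems, but the domains are linked to each other.
SMART = CONVENTIONAL + [("alarm", "scada"), ("scada", "meters"),
                        ("scada", "market"), ("console", "market")]


def repairs_needed(edges, isolate=()):
    """Number of systems to repair after the primary alarm server fails."""
    return len(simulate_cascade(edges, CAPACITY, LOAD, "alarm", isolate))


if __name__ == "__main__":
    print("conventional layout:", repairs_needed(CONVENTIONAL))
    print("smart-grid layout:", repairs_needed(SMART))
    print("smart grid, isolating scada and console:",
          repairs_needed(SMART, ("scada", "console")))
```

With these constructed numbers the same alarm-server failure takes down 3 systems in the conventional layout and all 6 in the interconnected one, while isolating two well-placed nodes holds the damage to 2.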
Defense in the cyber realm has one key problem: “cyber-battle” is offense dominant. The
attacker always has the advantage. They are the ones who discover a vulnerability first or
develop a workaround for heavily guarded systems. A cyber-security expert is always
responding to what the attacker does. It is nearly impossible to predict what an attacker will do.
Checking for vulnerabilities achieves some kind of preemption, but it is not guided. An
attacker’s actions have a purpose and they seek out vulnerabilities to suit their purpose. The
defender cannot know this. Interestingly, this leads to a completely different solution for
securing the grid when dealing with nations versus terrorist groups. Posturing aggressively
against a rival nation can achieve a cyber-deterrence equilibrium.[17] By not worrying about attacks
from nations, smart grid cyber security workers do not have to worry as much about the most
complicated and highest tier of cyber-attacks that could only be undertaken by an entity with the
resources of a state. This aggressive behavior, however, cannot work against cyber-terrorism, so
a capable cyber defense strategy is still required for critical infrastructure like the smart grid.
[16] “NISTIR 7628 Guidelines for Smart Grid Cyber Security v1.0”; NIST; p. 25
[17] This is the subject of my current undergraduate thesis. The explanation for how this comes about is long and
involved and would not serve the purpose of this paper to include in full.
The ultimate goal of this roadmap is to create a system in which even when an attack is
sustained the power grid continues to provide reliable power (as much as possible) and recovers
quickly after an attack.[18] There is only one way to ensure this: a large and devoted cyber-security
branch of the energy industry. The only way the US smart grid can be secure is if both the
government and industry commit to expanding their information security resources in order to
deal with the attacks that make it through the defense.
Ensuring the protection of a large, integrated, and extremely important network spanning
many different companies is no easy task. It requires a large investment of time, money, and
energy in order to protect the 24/7 constant reliability expected of something as essential as our
electrical grid. There are dreams of advanced encryption techniques or improved authentication
protocols that would secure communication over networks, but so far such technical solutions
have proven to be either so obtrusive as to hinder the desired interactions as well as malicious
ones, or issues with the technologies have kept them as dreams. The benefits of a smart grid are
too many and too good to pass up because of these security concerns. It will just require constant
vigilance and adaptive strategies to protect.
[18] Ibid p. 76
Bibliography:
“The Smart Grid: An Introduction. How a smarter grid acts as an enabling engine for our
economy, the environment, and our future.”; prepared for the U.S. Department of Energy
by Litos Strategic Communication; 2009;
http://energy.gov/sites/prod/files/oeprod/DocumentsandMedia/DOE_SG_Book_Single_Pages%281%29.pdf
“2012 Global R & D Funding Forecast: Industrial R & D—Energy”; Martin Grueber; R&D
Magazine; 12/16/2011; http://www.rdmag.com/articles/2011/12/2012-global-r-d-fundingforecast-industrial-r-d%E2%80%94energy
“U.S. smart grid to cost billions, save trillions”; Scott DiSavino; Reuters; 2011;
http://www.reuters.com/article/2011/05/24/us-utilities-smartgrid-epriidUSTRE74N7O420110524
“Electricity Grid in U.S. Penetrated By Spies”; Siobhan Gorman; The Wall Street Journal; April
8, 2009; http://online.wsj.com/article/SB123914805204099085.html
“Power-Grid Cyber Attack Seen Leaving Millions in Dark for Months”; Brian Wingfield;
Bloomberg.com; Feb 1, 2012; http://www.bloomberg.com/news/2012-02-01/cyber-attack-on-u-spower-grid-seen-leaving-millions-in-dark-for-months.html
“Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security: The Smart Grid
Interoperability Panel Cyber Security Working Group”; National Institute of Standards and
Technology; September 2010; http://www.nist.gov/smartgrid/upload/nistir-7628_total.pdf
“Report: Spies hacked into U.S. electricity grid”; Martin LaMonica; Cnet.com; April 8, 2009;
http://news.cnet.com/8301-11128_3-10214898-54.html
“Software Bug Contributed to Blackout”; Kevin Poulsen; SecurityFocus; 2004-02-11;
http://www.securityfocus.com/news/8016
“Roadmap to Achieve Energy Delivery Systems Cybersecurity”; U.S. Department of Energy –
Energy Sector Control Systems Working Group; September 2011;
http://energy.gov/sites/prod/files/Energy%20Delivery%20Systems%20Cybersecurity%20Roadmap_finalweb.pdf
“NISTIR 7628 Guidelines for Smart Grid Cyber Security v1.0”; National Institute of Standards
and Technology; August 2010; http://www.nist.gov/smartgrid/upload/nistir-7628_total.pdf