HACKING THE POWER GRID: WHY WE SHOULD ALL BE CONCERNED ABOUT IOT - - PowerPoint PPT Presentation

SLIDE 1

HACKING THE POWER GRID:

WHY WE SHOULD ALL BE CONCERNED ABOUT IOT SECURITY

Presented by Computer Forensics & Cyber Security Expert: Lee Neubecker, CISSP https://greatlakesforensics.com My Blog: https://leeneubecker.com

SLIDE 2

About Lee Neubecker, CISSP, MBA

  • Lycos.com Group Product Manager 1998-1999
  • Founded Forensicon, Inc. in 2002 - sold to QDiscovery in March of 2016
  • Info Sec / Security Blogger 2016 - Present leeneubecker.com
  • HaystackID CISO, then promoted to CIO January 2018 through July 2018
  • Founded Great Lakes Forensics August 2018 greatlakesforensics.com
  • Ranked one of the top Global Expert Witnesses in Cyber Security and Computer Forensics by Who’s Who Legal 2018

SLIDE 3

September 11, 2019

Imagine how a cyber attack a year from today could impact us all

SLIDE 4

Day 1 Without Power

  • People Trapped in Elevators
  • Flights cancelled everywhere
  • Cell Phone Networks not working
  • CTA & METRA Electric Trains Shut Down
  • Most homes lose power (No refrigeration, a/c)
  • Gas stations unable to sell gas (electric pumps)
  • High-rise buildings without working windows swelter
  • Traffic stopped with everyone trying to flee

SLIDE 5

SLIDE 6

Days 2-7 Without Power

  • Stores run out of consumer goods
  • Internet largely not working
  • Water Pressure Drops
  • Food Begins to Spoil
  • Cars and trucks clog roads (out of gas)
  • Banks and ATMs unable to disburse cash
  • Credit cards don’t work (barter and hard currency only)
  • Fires break out across the city - responder hell

SLIDE 7

Great Fire of Chicago 1871

SLIDE 8

Chicago 1968 Post Riots

SLIDE 9

Days 8-14 Without Power

  • Reserve fuel sources for generators depleted
  • Distribution of consumer goods disrupted
  • Medicine supplies exhausted
  • Storms begin flooding basements
  • Sewage starts to back up into homes
  • Water supply contaminated
  • Looters and crime everywhere
  • Garbage piles up everywhere

SLIDE 10

Garbage Piles Up

SLIDE 11

Days 15-30 Without Power

  • Public water supply stops working
  • Disease and famine begin to take over
  • Hospitals lose backup power
  • Sick persons dependent on medication begin to die
  • Lawlessness takes hold
  • Every person for themselves

SLIDE 12

The threat of cyber attacks on our power grid is real!

SLIDE 13

Points of Vulnerability to Our Power Grid

Direct attacks

Indirect attacks

SLIDE 14

USENIX Conference: Research Presented Aug 2018

Manipulation of Demand via IoT (MadIoT)

https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-soltan.pdf

SLIDE 15

Their Research:

https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-soltan.pdf

SLIDE 16

Types of Attacks on the Power Grid

  • Attacks that result in frequency instability (a sudden increase or decrease in the power demanded of the system that can cause a disruption or a significant variance between supply and demand)
  • Attacks that cause line failures and result in cascading failures
    ○ Polish power grid, summer 2008
      ■ A 1% increase in demand on the Polish power grid results in a cascading failure with 263 line failures and an outage of 86% of the loads.
      ■ 210,000,000 Watts can trigger such an outage (examples below)
        • 210,000 air conditioners turning on at once
        • 42,000 electric water heaters turning on at once
    ○ A shift in the geographic region of power demand, concentrated in a single region, can cause line failures in the adjacent region’s power lines
  • Attacks that increase operating costs (a 5% increase during peak hours can result in a 20% cost increase)

SLIDE 17

Types of Attacks on the Power Grid MadIoT attack variations

Graphic from https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-soltan.pdf

SLIDE 18

Types of Attacks on the Power Grid MadIoT attack variations

  • Attacks on frequency by turning devices on and off en masse via a botnet, attacking the power generation facilities through endpoint demand
  • Attacking a much smaller number of devices in targeted geographic areas to cause line tripping as power flows between islands and neighborhoods (may trip lines and not be detected by the grid operator initially)
  • Turning bots on (off) at the importing (exporting) end of a tie-line to cause line tripping
  • Increasing the operating cost during demand peak hours by increasing demand slowly (forces depletion of power generation reserves)

SLIDE 19

Types of High Wattage IoT Devices

SLIDE 20

Devices that Control High Wattage Devices

SLIDE 21

Devices that protect most home IoT Devices

SLIDE 22

Problems with many consumer firewalls

  • Default usernames and passwords - easy automatic compromises, e.g., admin password
  • Configured insecurely by default
  • Not fully patched before deployment
  • Rogue firmware can be uploaded to compromise all connected devices through code injection
  • Cable companies often have root credentials & control
  • Telecom providers and the desire of our U.S. Government to have intel on consumers haven’t helped

SLIDE 23

Vulnerabilities and Exploit Bonanza Since 2015

  • U.S. OPM Hacked June 2015
  • Hacking Team Code posted online in July 2015
  • U.S. Intel weapons leaked online (Snowden, Vault 7, Shadow Brokers, Harold Martin, Reality Winner)
  • Vulnerabilities and exploits used to compromise chips and routers have resulted in tons of problems
  • DoublePulsar / port 445 SMB vulnerability revealed
  • Broadcom chip vulnerabilities
  • Processor speculative execution vulnerabilities

SLIDE 24

Botnets

  • Takes over a large number of devices deployed around the world, or targeted, using known public-facing port vulnerabilities
  • Routers and other public-facing devices targeted
  • Used by nefarious actors to coordinate large-scale DDoS attacks and to obscure the identity of the attacker(s)

SLIDE 25

What needs to happen to secure IoT

  1. Effective deployment of firewalls in homes to block inbound traffic
  2. Devices need to automatically patch and update their firmware
  3. Default usernames and passwords need to be uniquely issued per device
  4. Network segmentation of IoT devices on a guest network with no peer access
  5. Routers need to be hardened on home devices
  6. Firmware verification needs to be readily available
  7. Secure delivery of patches, or at least the ability to validate the patch before installation
  8. Adoption of stronger cryptographic algorithms to secure and sign firmware updates (SHA1, MD5 and less secure algorithms should no longer be used)

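As an added example (not from the presentation), a Python check for items 7 and 8: validate a firmware image against a digest manifest before installing it, refusing MD5 and SHA-1 manifests outright. The manifest format, the sample image and the digests are constructed for this example; a vendor signature over the manifest is assumed to be verified separately.

```python
"""Added example (not from the presentation): validate a firmware update
before installation and refuse manifests that rely on MD5 or SHA-1."""
import hashlib
import hmac

# Hypothetical manifest format, constructed for this example: the vendor ships
# the image plus {"algorithm": ..., "digest": ...} obtained out of band.
STRONG_ALGORITHMS = {"sha256", "sha384", "sha512"}
DEPRECATED_ALGORITHMS = {"md5", "sha1"}


def verify_firmware(image, manifest):
    """Return (ok, reason). ok is True only when a strong digest matches."""
    algo = manifest.get("algorithm", "").lower()
    if algo in DEPRECATED_ALGORITHMS:
        return False, "refusing deprecated digest algorithm %s" % algo
    if algo not in STRONG_ALGORITHMS:
        return False, "unknown digest algorithm %r" % algo
    actual = hashlib.new(algo, image).hexdigest()
    # Constant-time compare so a mismatch does not leak how much matched.
    if not hmac.compare_digest(actual, manifest.get("digest", "")):
        return False, "digest mismatch: image altered or manifest stale"
    return True, "digest verified"


# Constructed sample image and manifests (not real firmware).
SAMPLE_IMAGE = b"ROUTERFW v1.2.3 -- constructed sample bytes, not real firmware\n"
GOOD_MANIFEST = {"algorithm": "sha256",
                 "digest": hashlib.sha256(SAMPLE_IMAGE).hexdigest()}
WEAK_MANIFEST = {"algorithm": "sha1",
                 "digest": hashlib.sha1(SAMPLE_IMAGE).hexdigest()}
TAMPERED_IMAGE = SAMPLE_IMAGE.replace(b"v1.2.3", b"v1.2.4")

if __name__ == "__main__":
    for name, img, man in [("good", SAMPLE_IMAGE, GOOD_MANIFEST),
                           ("weak", SAMPLE_IMAGE, WEAK_MANIFEST),
                           ("tampered", TAMPERED_IMAGE, GOOD_MANIFEST)]:
        print(name, verify_firmware(img, man))
```
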
SLIDE 26

What power companies need to do

  • Be on alert for compromise via vendors and strategic partners
  • Implement multi-factor authentication: (something you know) + (something you are) or (something you have)
  • Monitor geographic changes in power consumption instead of only the overall total
  • Artificial intelligence development to respond to cyber attacks

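An added example, not from the presentation, of the third point above: per-region demand telemetry checked for a sudden swing that the grid-wide total hides, which is how the geographic-shift MadIoT variant on slide 18 would look to a monitor watching only the aggregate. The readings, the region names and the 1% threshold (borrowed from the slide 16 Polish-grid figure) are constructed assumptions.

```python
"""Added example (not from the presentation): flag a sudden regional demand
swing that the grid-wide total hides."""
from statistics import mean

# Constructed telemetry: region -> five-minute demand readings in MW. In the
# last interval "north" jumps while "south" drops, so the aggregate barely moves.
SAMPLE_DEMAND = {
    "north": [1000, 1004, 998, 1002, 1001, 1210],
    "central": [1500, 1497, 1503, 1499, 1501, 1498],
    "south": [900, 903, 897, 901, 899, 695],
}


def step_change_pct(series):
    """Percent change of the last reading versus the mean of the earlier ones."""
    baseline = mean(series[:-1])
    return 100.0 * (series[-1] - baseline) / baseline


def aggregate_series(demand):
    """Grid-wide total per interval, i.e. what an overall-only monitor sees."""
    return [sum(readings) for readings in zip(*demand.values())]


def flag_regions(demand, threshold_pct=1.0):
    """Regions whose last-interval change exceeds threshold_pct in magnitude.
    The 1% default is the slide 16 figure for the Polish-grid cascade."""
    return sorted(region for region, series in demand.items()
                  if abs(step_change_pct(series)) > threshold_pct)


def summarize(demand, threshold_pct=1.0):
    """Compare what aggregate-only and per-region monitoring would report."""
    total = aggregate_series(demand)
    return {
        "aggregate_change_pct": round(step_change_pct(total), 2),
        "flagged_regions": flag_regions(demand, threshold_pct),
    }


if __name__ == "__main__":
    print(summarize(SAMPLE_DEMAND))
```
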
SLIDE 27

What Industry is Doing

  1. CTIA, The Wireless Association - the U.S. wireless industry’s trade association, recently announced the creation of a cybersecurity certification program for Internet of Things (IoT) devices that connect to the internet via LTE or Wi-Fi. (August 31, 2018)
  2. GSMA - the GSM Association is an originally European trade body that represents the interests of mobile network operators worldwide. GSMA has established a set of IoT cybersecurity guidelines and self-assessment tools that are similarly aimed at improving the security of IoT devices.

SLIDE 28

What our Government is Doing

  • Draft NISTIR 8200: Interagency Report on Status of International Cybersecurity Standardization for the Internet of Things (IoT)

https://csrc.nist.gov/CSRC/media/Publications/nistir/8200/draft/documents/nistir8200-draft.pdf

  • State of Modern Application, Research, and Trends of IoT Act, or SMART IoT Act (draft bill; directs the Commerce Secretary to submit to Congress a report on the state of the IoT industry)
  • California SB-327 Information privacy: connected devices
  • Internet of Things Cybersecurity Improvement Act of 2017 (introduced but no action yet) - Sen. Mark Warner & Sen. Cory Gardner - an attempt to force companies that sell wearables, sensors and other web-connected tools to federal agencies to adhere to some new security standards.

SLIDE 29

Q&A

Lee Neubecker, CISSP, MBA
President of Great Lakes Forensics
https://greatlakesforensics.com
lee@greatlakesforensics.com
My Direct +(312) 300-4729
My blog: https://leeneubecker.com
https://www.linkedin.com/in/leeneubecker/
https://twitter.com/lneubecker

SLIDE 30

Smart Home Gone Wrong

  • Mr. Robot

https://player.vimeo.com/video/178324074
