SlideShare a Scribd company logo

Practical analysis of cybersecurity in European smart grids

S
Sergey Gordeychik

This paper summarizes the experience gained during a series of practical cybersecurity assessments of various components of Europe’s smart electrical grids.

Technology
1 of 12
Download to read offline
Practical analysis of the cybersecurity of European smart grids Gleb Gritsai, Alexander Timorin, Kirill Nesterov, Alexander Tlyapov, Sergey Gordeychik Abstract This paper summarizes the experience gained during a series of practical cybersecurity assessments of various components of Europe’s smart electrical grids. Keywords Cybersecurity, SIL, industrial control system (ICS), IEC 61850, Smart Grid, smart grids, vulnerabilities, relay protection Introduction Smart grid technologies are now being widely implemented across Europe. To a large extent this trend reflects a focus on energy efficiency and the mass adoption of mini- and microgeneration renewable electric power sources. The main regulatory guide in this field is Directive 2009/28/EC of the European Parliament and Council of 23 April 2009; this document sets the target of achieving 20% power generation from renewable sources by 2020, and 80% by 2050. In this article, we summarize the experience gained during a number of practical security assessments of various components of Europe’s smart grids. Scope of work In this article, we define industrial control system (ICS) cybersecurity as the process of ensuring operation of a management object with no dangerous failures or inadmissible damage. It also implies the target level of economic efficiency and reliability being maintained under the conditions of a purposeful negative human-induced information impact. This definition makes it possible to apply a mission-centric approach1 to a security assessment and to use existing industrial and functional security, reliability theory for risk assessment and threat
modeling. The findings of this analysis will be published in our subsequent papers. The main objects of the research were determined based on NISTIR 7628 Guidelines for Smart Grid Cyber Security2 . Figure 1. Electricity flows and communication lines in the NIST Smart Grid Framework model For the purposes of this research, the basic model envisaged an anonymous intruder with average skills and acting over the Internet. This adequately models the capabilities of a motivated group of ‘hacktivists’ or of a medium-budget industrial espionage campaign or criminal operation. In our research we did not look at attack vectors associated with CVSS adjacent networks, including local radio networks. The results of our work showed that at the current time it is impractical to consider more complex intruder models or attack methods, since even an anonymous intruder acting from the Internet has sufficient opportunity to conduct a variety of attacks. This article presents the findings of several independent projects aimed at assessing the security of different elements (network communications, elements of relay protection and automatic equipment, SCADA, application software, small-scale power generation systems). This research does not claim to be complete. Security of communication
As can be seen in the NIST Smart Grid Framework model, different data communication lines exist between all the subjects. Therefore, the communication lines and application protocols are a substantial element of the attack surface, and the degree to which they are protected largely determines the security status of the entire system. Security audits at a number of power facilities in Europe have confirmed CIGRE’s conclusions3 that the IEC 61850 family of protocols currently in use have low tolerance to eavesdropping, session spoofing and man-in-the-middle attacks. However, despite the fact that IEC 61850 has been widely implemented, a practical assessment of security has demonstrated that standard ICS data communication protocols such as Modbus, S7, PROFINET, and IEC 60870-104, are widely used at power facilities. During our analysis, we prepared a number of tools for the identification, modification and fuzzing of communication protocols; some of these were published as open-source tools4 and presented at the Power of Community conference in Seoul, South Korea. The practical application of these tools enabled us to identify a number of unknown vulnerabilities in different systems, such as being able to disable a Siemens S7-1200 controller by sending Profinet packets5 . The findings of this research were used in a number of projects, including CRISALIS6 , Shodan. At the 4SICS conference in Stockholm, Sweden, John Matherly presented his project ICS Map7 , which is based on the Shodan system core, but scans systems using industrial protocols. This project can be used to identify industrial systems connected to the Internet. Figure 2. A map of Shodan IEC 60870-104 systems on the Internet (June 2017)
However, the attack surface is not limited to ICS protocols. During a presentation at the Chaos Communication Congress 30 conference8 , it was demonstrated that ICS components make widespread use of standard application layer protocols for remote administration and communication of information. In fact, only 2% of all detected ICS systems on the Internet used industrial communication protocols. Figure 3. Protocols used by ICS components detected online (December 2013) Further research has shown that many of the devices detected online are network hardware supporting internal or external communications of ICS systems. For example, it is stated in the 2016 Kaspersky Lab publication ‘Industrial Control Systems and their online availability’9 that around 28% of all ICS components detected on the Internet are network devices such as industrial grade routers, cellular modems, etc.
Figure 4. Types of ICS components reachable from the Internet (2016) To obtain a better understanding of possible attacks, a security assessment was carried out for network devices used in industrial systems such as Bintec, Digi, Moxa, Sierra Wireless. This analysis showed that such systems typically have low protection levels, and that there is an abundance of vulnerabilities that are easy to detect and exploit, such as hardcoded passwords, hardcoded SSH keys, weak mobile communications (2G/3G/4G), web management interface issues, and buffer overflows. If a potential intruder exploits one of these vulnerabilities, it enables them to modify network device configurations, monitor and redirect traffic, block network communications and/or gain unauthorized access to internal components of industrial systems. The findings were presented at the conference 32C3 in Germany10 . The appropriate manufacturers have now fixed most of the detected vulnerabilities.
Special mention should be made of the widespread use of global wireless networks, such as 2G/3G/4G mobile networks in the energy sector. Our research, which was presented at the conference PacSec, Japan 11 , demonstrated how vulnerabilities in core mobile network components (SGSN/GGSN), mobile modems and SIM cards can be used to intercept network communications and introduce unauthorized modifications, modify firmware installed on devices, and gain unauthorized access. Many of these attacks can be implemented from an arbitrary location and do not require a physical location close to the target. In April 2017, security incidents in several German banks were identified where cybercriminals exploited vulnerabilities in signaling networks to intercept text messages 12 . This demonstrates that such methods are available to groups of cybercriminals. Microgeneration For a fuller picture, it is necessary to look at the security risks around small-scale power generation from renewable sources. During our research project, we analyzed attack surfaces and searched for vulnerabilities in four popular solar and wind-driven power generation platforms: Solar-Log and SMA SunnyWebbox facilities, and in the Nordex NC2 portal which is used as a SCADA system for Nordex wind-driven power plants. The analysis showed that over 80,000 such systems are accessible on the Internet. Many of them do not require authorization before they provide data on the amounts of electric power produced and other technical information, so it is possible to passively estimate the capacity of power generation through an analysis of OSINT sources, such as Google’s cache.
Figure 5. Information on power generation from Solar Log By averaging the obtained data, we found that the average instantaneous power output of those systems that can be reached via the Internet is about 8 GW, a large part of which is produced in Europe. Another peculiarity of small generation facilities is that they make extensive use of cloud-based centralized management systems. With this approach, inverter management systems are connected to the centralized reporting system located at the site of the manufacturer or operator, and they send information there about the status of the systems, electrical power outputs, wind velocities, etc. In some cases, the centralized systems have certain control capabilities, e.g. they can update firmware of the inverter management systems. In that case, an attack on the management system can lead to mass unauthorized access to endpoint devices.
Figure 6. The web interface of GSE SpA, centralized power generation accounting system A superficial analysis has shown that most of these cloud-based solutions do not meet basic security requirements, so an attacker may be able to find a vulnerability in them that allows unauthorized access to the system13 . Therefore, management systems, including those that are cloud- based, must be taken into account when planning security upgrade programs. If we look at how well protected endpoint devices are, we can see that they have a very low level of resistance to external attacks. During our analysis, we detected a number of 0-day vulnerabilities within the firmware of such systems14 , including fixed and master passwords, insufficient authentication/authorization, weak cryptography, various types of buffer overflow. In most cases, the potential risk associated with the detected vulnerabilities enabled a potential threat actor, whether directly or indirectly, to gain full access to the device by executing an arbitrary code or downloading modified software. When combined with operational errors, such as the widespread use of default passwords, all of the above make these kinds of ‘home’ systems
an attractive target for attacks. This is currently the case for home routers and other Internet of things (IoT) devices that may be used to manipulate gauge readings, penetrate information systems of connected municipal electric grids, and carry out a variety of specific attacks to disrupt power system stability. Examples of such attacks are the sending of false information about power generation or consumption in an attempt to destabilize the power grid, or a new type of ransomware blocking the management systems of solar or wind-driven power generation. The current trend towards integration between microgeneration management systems and smart power meters only serves to provide cybercriminals with more opportunities. The findings were reported to the appropriate authorities and agencies, such as IMPACT, ENISA, ICS CERT, hardware manufacturers and to regional CERT teams, so they could inform device owners and block remote access to ICS systems from the Internet. Thanks to this project, more than 60,000 ICS components associated with microgeneration were disconnected from the Internet15 . Digital substations ICS systems used in industrial-scale power generation and distribution were also found to have low security levels. Here, the typical defects are the extensive use of obsolete or unsupported operating systems, weak protection tools, multiple vulnerabilities in SCADA and PLC, and unprotected network protocols. This, combined with low levels of network isolation and widespread use of under-protected radio communication channels, is the reason why a targeted or spontaneous cyberattack could easily be implemented. Recent security incidents involving Ukraine’s energy systems16 and the WannaCry case have demonstrated that standard attack methods, such as spear phishing or exploits for known vulnerabilities, are sufficient to penetrate internal ICS networks.
Figure 1. A centralized traffic control system blocked by the WannaCry worm Digital protective relays are a key component of digital substations. They are designed to promptly identify damaged components in electrical power systems in emergencies and isolate them from the system to ensure normal operation. In other words, they are an element of accident prevention. During our security assessment projects at power generation and distribution facilities, we analyzed digital protective relays of leading manufacturers, such as NARI Relays, Siemens, ABB, and General Electric. Different types of vulnerabilities were identified, including hardcoded management passwords, unpatched 61850 Stack, remote reboots, permanent DoS, and remote code execution. By exploiting combinations of vulnerabilities, attackers can manipulate operating parameters for systems or facilities, remotely control circuit breakers, disconnect and grounding switches, disrupt the proper operation of terminals, and even use them as intermediate platforms for malware distribution. The research findings were presented at the conferences Area 41 in Zurich 17 and RECON BRUSSELS 18 . Information about the detected vulnerabilities was reported to the appropriate manufacturers as part of a responsible disclosure policy. Some of the vulnerabilities have now been fixed by the vendors. Conclusions
The experience gained from cybersecurity analysis of Smart Grid technologies has demonstrated that electric grid systems are highly vulnerable to accidental or deliberate information impact. Despite the obvious economic benefits, implementation of Smart Grid creates the following potential cybersecurity problems: • widespread use of standard network technologies (TCP/IP, 3G/4G, WiFi), system and application technologies (OS, database management systems), and all their associated security problems; • blurring the boundaries of power system protection and the system control role, with the transfer of a number of emergency prevention functions; • blurring of the network perimeter and increased attack surfaces as a result of large numbers and various types of network devices with different owners, but that are connected in a single network; • minimal attention to cybersecurity issues by the designers and integrators of ICS components, leading to the emergence of large numbers vulnerabilities that are cheap to exploit. Consequently, modern Smart Grid implementations contain large numbers of system-wide and specific vulnerabilities both in individual components and in overall ICS systems and networks. Identifying and using these vulnerabilities requires an average level of expertise and a modest level of funds. The implications of such attacks vary from local fraud to negative physical impact on power substation components to large-scale network accidents. 1 Signalling cyber security: the need for a mission-centric approach Valentin Gapanovich, Efim Rozenberg and Sergey Gordeychik http://www.railjournal.com/index.php/signalling/signalling-cyber-security- the-need-for-a-mission-centric-approach.html 2 NISTIR 7628 Guidelines for Smart Grid Cyber Security Victoria Y. Pillitteri, Tanya L. Brewer, https://www.nist.gov/publications/guidelines-smart-grid- cybersecurity 3 The Impact of Implementing Cyber Security Requirements using IEC 61850 CIGRE Working Group the B5.38, August 2010 4 Alexander Timorin, Power of Community 2013 special release of ICS/SCADA toolkit, http://scadastrangelove.blogspot.com/2013/11/power-of-community- 2013-special-release.html 5 SSA-654382: Vulnerabilities in SIMATIC S7-1200 CPU, https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-654382.pdf
6 Marco Caselli, Frank Kargl, Dina Hadziosmanovic, “Device fingerprinting preliminary results”, http://www.crisalis-project.eu/sites/crisalis- project.eu/files/crisalis_deliverable-D4.1.pdf 7 Shodan, Industrial Control Systems https://www.shodan.io/explore/category/industrial-control-systems 8 Sergey Gordeychik, Gleb Gritsai, “30C3 releases: all in one”, http://scadastrangelove.blogspot.com/2014/01/30c3-releases-all-in-one.html 9 INDUSTRIAL CONTROL SYSTEMS AND THEIR ONLINE AVAILABILITY, Oxana Andreeva, Sergey Gordeychik, Gleb Gritsai, Olga Kochetova, Evgeniya Potseluevskaya, Sergey I. Sidorov, Alexander A. Timorin https://kasperskycontenthub.com/securelist/files/2016/07/KL_REPORT_ICS_A vailability_Statistics.pdf 10 The Great Train Cyber Robbery, Sergey Gordeychik, Alexander Timorin https://scadastrangelove.blogspot.com/2015/12/32c3-slides.html 11 "Root via SMS: 4G access level security assessment”, Sergey Gordeychik, Alexander Zaytsev, https://pacsec.jp/psj14/PSJ2014_Sergei-Alex_SCADASL%20- %20root%20via%20sms%20last.pdf 12 Fixing the cell network flaw that lets hackers drain bank accounts, Lily Hay Newman, https://www.wired.com/2017/05/fix-ss7-two-factor-authentication- bank-accounts/ 13 SQL Injection in Solar-Log WEB, https://vulners.com/ptsecurity/PT-2015-01 14 Sergey Gordeychik, Aleksandr Timorin: SCADA StrangeLove: Too Smart Grid in da Cloud http://scadastrangelove.blogspot.com/2014/12/31c3-too-smart-grid- in-da-cloud.html 15 Could hackers turn the lights out? Mark Ward, http://www.bbc.com/news/technology-35204921 16 Analysis of the Cyber Attack on the Ukrainian Power Grid, http://www.nerc.com/pa/CI/ESISAC/Documents/E- ISAC_SANS_Ukraine_DUC_18Mar2016.pdf 17 CYBER-PHYSICAL ATTACKS ON CRITICAL INFRASTRUCTURE Sergey Gordeychik, Alexander Timorin http://www.securitytube.net/video/16617 18 Hopeless Relay Protection for Substation Automation Kirill Nesterov, Alexander Tlyapov https://recon.cx/2017/brussels/talks/hopeless_relay_protection.html

Recommended

Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilitiesNirmal Thaliyil
 
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks
 
1678 1683
1678 16831678 1683
1678 1683Editor IJARCET
 
Cyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsCyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsIJEACS
 
Cyber security of power grid
Cyber security of power gridCyber security of power grid
Cyber security of power gridP K Agarwal
 
Analytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityAnalytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityBoston Global Forum
 
Smart Grid Security - Attack & Defense
Smart Grid Security - Attack & Defense Smart Grid Security - Attack & Defense
Smart Grid Security - Attack & Defense NESslides
 
02 ibm security for smart grids
02 ibm security for smart grids02 ibm security for smart grids
02 ibm security for smart gridsIBM Italia Web Team
 

Recommended

Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilitiesNirmal Thaliyil
 
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks
 
1678 1683
1678 16831678 1683
1678 1683Editor IJARCET
 
Cyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsCyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsIJEACS
 
Cyber security of power grid
Cyber security of power gridCyber security of power grid
Cyber security of power gridP K Agarwal
 
Analytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityAnalytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityBoston Global Forum
 
Smart Grid Security - Attack & Defense
Smart Grid Security - Attack & Defense Smart Grid Security - Attack & Defense
Smart Grid Security - Attack & Defense NESslides
 
02 ibm security for smart grids
02 ibm security for smart grids02 ibm security for smart grids
02 ibm security for smart gridsIBM Italia Web Team
 
Cloud computing security- critical infrastructures
Cloud computing security- critical infrastructuresCloud computing security- critical infrastructures
Cloud computing security- critical infrastructuresMohammed Saqib
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIntel® Software
 
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...University of Southern California
 
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSCYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSGeorge Wainblat
 
Presentation1 160729072733
Presentation1 160729072733Presentation1 160729072733
Presentation1 160729072733SIVA SASTHRI
 
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Leonardo ENERGY
 
Smart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security IssuesSmart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security IssuesjournalBEEI
 
Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Cybersecurity for Smart Grids: Technical Approaches to Provide CybersecurityCybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Cybersecurity for Smart Grids: Technical Approaches to Provide CybersecurityLeonardo ENERGY
 
Smart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodSmart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodClubHack
 
Smart grid chinedu opara(m00560830)
Smart grid chinedu opara(m00560830)Smart grid chinedu opara(m00560830)
Smart grid chinedu opara(m00560830)Chinedu Opara
 
Cyber Security of Power grids
Cyber Security of Power grids Cyber Security of Power grids
Cyber Security of Power grids Jishnu Pradeep
 
Cyber security of smart grid communication: Risk analysis and experimental te...
Cyber security of smart grid communication: Risk analysis and experimental te...Cyber security of smart grid communication: Risk analysis and experimental te...
Cyber security of smart grid communication: Risk analysis and experimental te...sidhota
 
Industrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksIndustrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksPriyanka Aash
 
Iaona handbook for network security - draft rfc 0.4
Iaona handbook for network security - draft rfc 0.4Iaona handbook for network security - draft rfc 0.4
Iaona handbook for network security - draft rfc 0.4Ivan Carmona
 
3778975074 january march 2015 1
3778975074 january march 2015 13778975074 january march 2015 1
3778975074 january march 2015 1nicfs
 
Lessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy SectorLessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy SectorEnergySec
 
Software Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for ShopfloorSoftware Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for ShopfloorIRJET Journal
 
Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?GENIANS, INC.
 
An Approach to Closing the Gaps between Physical, Process Control, and Cybers...
An Approach to Closing the Gaps between Physical, Process Control, and Cybers...An Approach to Closing the Gaps between Physical, Process Control, and Cybers...
An Approach to Closing the Gaps between Physical, Process Control, and Cybers...EnergySec
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security ChallengesForest Interactive
 
Utilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksUtilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksInternational Journal of Engineering Inventions www.ijeijournal.com
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA NetworksIJRES Journal
 

More Related Content

What's hot

Cloud computing security- critical infrastructures
Cloud computing security- critical infrastructuresCloud computing security- critical infrastructures
Cloud computing security- critical infrastructuresMohammed Saqib
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIntel® Software
 
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...University of Southern California
 
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSCYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSGeorge Wainblat
 
Presentation1 160729072733
Presentation1 160729072733Presentation1 160729072733
Presentation1 160729072733SIVA SASTHRI
 
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Leonardo ENERGY
 
Smart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security IssuesSmart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security IssuesjournalBEEI
 
Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Cybersecurity for Smart Grids: Technical Approaches to Provide CybersecurityCybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Cybersecurity for Smart Grids: Technical Approaches to Provide CybersecurityLeonardo ENERGY
 
Smart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodSmart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodClubHack
 
Smart grid chinedu opara(m00560830)
Smart grid chinedu opara(m00560830)Smart grid chinedu opara(m00560830)
Smart grid chinedu opara(m00560830)Chinedu Opara
 
Cyber Security of Power grids
Cyber Security of Power grids Cyber Security of Power grids
Cyber Security of Power grids Jishnu Pradeep
 
Cyber security of smart grid communication: Risk analysis and experimental te...
Cyber security of smart grid communication: Risk analysis and experimental te...Cyber security of smart grid communication: Risk analysis and experimental te...
Cyber security of smart grid communication: Risk analysis and experimental te...sidhota
 
Industrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksIndustrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksPriyanka Aash
 
Iaona handbook for network security - draft rfc 0.4
Iaona handbook for network security - draft rfc 0.4Iaona handbook for network security - draft rfc 0.4
Iaona handbook for network security - draft rfc 0.4Ivan Carmona
 
3778975074 january march 2015 1
3778975074 january march 2015 13778975074 january march 2015 1
3778975074 january march 2015 1nicfs
 
Lessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy SectorLessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy SectorEnergySec
 
Software Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for ShopfloorSoftware Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for ShopfloorIRJET Journal
 
Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?GENIANS, INC.
 
An Approach to Closing the Gaps between Physical, Process Control, and Cybers...
An Approach to Closing the Gaps between Physical, Process Control, and Cybers...An Approach to Closing the Gaps between Physical, Process Control, and Cybers...
An Approach to Closing the Gaps between Physical, Process Control, and Cybers...EnergySec
 

What's hot (20)

Cloud computing security- critical infrastructures
Cloud computing security- critical infrastructuresCloud computing security- critical infrastructures
Cloud computing security- critical infrastructures
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
 
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
 
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSCYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
 
Presentation1 160729072733
Presentation1 160729072733Presentation1 160729072733
Presentation1 160729072733
 
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
 
Smart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security IssuesSmart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security Issues
 
Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Cybersecurity for Smart Grids: Technical Approaches to Provide CybersecurityCybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
 
Smart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodSmart Grid Security by Falgun Rathod
Smart Grid Security by Falgun Rathod
 
Smart grid chinedu opara(m00560830)
Smart grid chinedu opara(m00560830)Smart grid chinedu opara(m00560830)
Smart grid chinedu opara(m00560830)
 
Cyber Security of Power grids
Cyber Security of Power grids Cyber Security of Power grids
Cyber Security of Power grids
 
Cyber security of smart grid communication: Risk analysis and experimental te...
Cyber security of smart grid communication: Risk analysis and experimental te...Cyber security of smart grid communication: Risk analysis and experimental te...
Cyber security of smart grid communication: Risk analysis and experimental te...
 
Industrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksIndustrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & Frameworks
 
Iaona handbook for network security - draft rfc 0.4
Iaona handbook for network security - draft rfc 0.4Iaona handbook for network security - draft rfc 0.4
Iaona handbook for network security - draft rfc 0.4
 
3778975074 january march 2015 1
3778975074 january march 2015 13778975074 january march 2015 1
3778975074 january march 2015 1
 
Lessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy SectorLessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy Sector
 
Software Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for ShopfloorSoftware Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for Shopfloor
 
Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?
 
An Approach to Closing the Gaps between Physical, Process Control, and Cybers...
An Approach to Closing the Gaps between Physical, Process Control, and Cybers...An Approach to Closing the Gaps between Physical, Process Control, and Cybers...
An Approach to Closing the Gaps between Physical, Process Control, and Cybers...
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security Challenges
 

Similar to Practical analysis of cybersecurity in European smart grids

Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA NetworksIJRES Journal
 
IJSRED-V2I2P15
IJSRED-V2I2P15IJSRED-V2I2P15
IJSRED-V2I2P15IJSRED
 
A Defense-in-depth Cybersecurity for Smart Substations
A Defense-in-depth Cybersecurity for Smart SubstationsA Defense-in-depth Cybersecurity for Smart Substations
A Defense-in-depth Cybersecurity for Smart SubstationsIJECEIAES
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco
 
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Abhishek Goel
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetIvan Carmona
 
An Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLANAn Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLANrahulmonikasharma
 
An Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLANAn Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLANrahulmonikasharma
 
Cloud assisted io t-based scada systems security- a review of the state of th...
Cloud assisted io t-based scada systems security- a review of the state of th...Cloud assisted io t-based scada systems security- a review of the state of th...
Cloud assisted io t-based scada systems security- a review of the state of th...redpel dot com
 
Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Eng. Mohammed Ahmed Siddiqui
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
A new algorithm to enhance security against cyber threats for internet of thi...
A new algorithm to enhance security against cyber threats for internet of thi...A new algorithm to enhance security against cyber threats for internet of thi...
A new algorithm to enhance security against cyber threats for internet of thi...IJECEIAES
 
Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems aswanthmrajeev112
 

Similar to Practical analysis of cybersecurity in European smart grids (20)

Utilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksUtilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA Networks
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA Networks
 
1678 1683
1678 16831678 1683
1678 1683
 
IJSRED-V2I2P15
IJSRED-V2I2P15IJSRED-V2I2P15
IJSRED-V2I2P15
 
A Defense-in-depth Cybersecurity for Smart Substations
A Defense-in-depth Cybersecurity for Smart SubstationsA Defense-in-depth Cybersecurity for Smart Substations
A Defense-in-depth Cybersecurity for Smart Substations
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016
 
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinet
 
An Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLANAn Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLAN
 
An Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLANAn Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLAN
 
Cloud assisted io t-based scada systems security- a review of the state of th...
Cloud assisted io t-based scada systems security- a review of the state of th...Cloud assisted io t-based scada systems security- a review of the state of th...
Cloud assisted io t-based scada systems security- a review of the state of th...
 
Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
 
chile-2015 (2)
chile-2015 (2)chile-2015 (2)
chile-2015 (2)
 
A new algorithm to enhance security against cyber threats for internet of thi...
A new algorithm to enhance security against cyber threats for internet of thi...A new algorithm to enhance security against cyber threats for internet of thi...
A new algorithm to enhance security against cyber threats for internet of thi...
 
Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems
 
A05510105
A05510105A05510105
A05510105
 

More from Sergey Gordeychik

Vulnerabilities of machine learning infrastructure
Vulnerabilities of machine learning infrastructureVulnerabilities of machine learning infrastructure
Vulnerabilities of machine learning infrastructureSergey Gordeychik
 
MALIGN MACHINE LEARNING MODELS
MALIGN MACHINE LEARNING MODELSMALIGN MACHINE LEARNING MODELS
MALIGN MACHINE LEARNING MODELSSergey Gordeychik
 
AI for security or security for AI - Sergey Gordeychik
AI for security or security for AI - Sergey GordeychikAI for security or security for AI - Sergey Gordeychik
AI for security or security for AI - Sergey GordeychikSergey Gordeychik
 
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...Sergey Gordeychik
 
SD-WAN Internet Census, Zeronighst 2018
SD-WAN Internet Census, Zeronighst 2018SD-WAN Internet Census, Zeronighst 2018
SD-WAN Internet Census, Zeronighst 2018Sergey Gordeychik
 
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment Sergey Gordeychik
 
Too soft[ware defined] networks SD-Wan vulnerability assessment
Too soft[ware defined] networks SD-Wan vulnerability assessmentToo soft[ware defined] networks SD-Wan vulnerability assessment
Too soft[ware defined] networks SD-Wan vulnerability assessmentSergey Gordeychik
 
Root via sms. 4G security assessment
Root via sms. 4G security assessment Root via sms. 4G security assessment
Root via sms. 4G security assessment Sergey Gordeychik
 
Recon: Hopeless relay protection for substation automation
Recon: Hopeless relay protection for substation automation Recon: Hopeless relay protection for substation automation
Recon: Hopeless relay protection for substation automation Sergey Gordeychik
 
The Great Train Robbery: Fast and Furious
The Great Train Robbery: Fast and FuriousThe Great Train Robbery: Fast and Furious
The Great Train Robbery: Fast and FuriousSergey Gordeychik
 
Cybersecurity Assessment of Communication-Based Train Control systems
Cybersecurity Assessment of Communication-Based Train Control systemsCybersecurity Assessment of Communication-Based Train Control systems
Cybersecurity Assessment of Communication-Based Train Control systemsSergey Gordeychik
 
Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016Sergey Gordeychik
 
SCADA StrangeLove Practical security assessment of European Smartgrid
SCADA StrangeLove Practical security assessment of European SmartgridSCADA StrangeLove Practical security assessment of European Smartgrid
SCADA StrangeLove Practical security assessment of European SmartgridSergey Gordeychik
 

More from Sergey Gordeychik (13)

Vulnerabilities of machine learning infrastructure
Vulnerabilities of machine learning infrastructureVulnerabilities of machine learning infrastructure
Vulnerabilities of machine learning infrastructure
 
MALIGN MACHINE LEARNING MODELS
MALIGN MACHINE LEARNING MODELSMALIGN MACHINE LEARNING MODELS
MALIGN MACHINE LEARNING MODELS
 
AI for security or security for AI - Sergey Gordeychik
AI for security or security for AI - Sergey GordeychikAI for security or security for AI - Sergey Gordeychik
AI for security or security for AI - Sergey Gordeychik
 
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...
 
SD-WAN Internet Census, Zeronighst 2018
SD-WAN Internet Census, Zeronighst 2018SD-WAN Internet Census, Zeronighst 2018
SD-WAN Internet Census, Zeronighst 2018
 
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
 
Too soft[ware defined] networks SD-Wan vulnerability assessment
Too soft[ware defined] networks SD-Wan vulnerability assessmentToo soft[ware defined] networks SD-Wan vulnerability assessment
Too soft[ware defined] networks SD-Wan vulnerability assessment
 
Root via sms. 4G security assessment
Root via sms. 4G security assessment Root via sms. 4G security assessment
Root via sms. 4G security assessment
 
Recon: Hopeless relay protection for substation automation
Recon: Hopeless relay protection for substation automation Recon: Hopeless relay protection for substation automation
Recon: Hopeless relay protection for substation automation
 
The Great Train Robbery: Fast and Furious
The Great Train Robbery: Fast and FuriousThe Great Train Robbery: Fast and Furious
The Great Train Robbery: Fast and Furious
 
Cybersecurity Assessment of Communication-Based Train Control systems
Cybersecurity Assessment of Communication-Based Train Control systemsCybersecurity Assessment of Communication-Based Train Control systems
Cybersecurity Assessment of Communication-Based Train Control systems
 
Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016
 
SCADA StrangeLove Practical security assessment of European Smartgrid
SCADA StrangeLove Practical security assessment of European SmartgridSCADA StrangeLove Practical security assessment of European Smartgrid
SCADA StrangeLove Practical security assessment of European Smartgrid
 

Recently uploaded

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 

Recently uploaded (20)

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 

Practical analysis of cybersecurity in European smart grids

  • 1. Practical analysis of the cybersecurity of European smart grids Gleb Gritsai, Alexander Timorin, Kirill Nesterov, Alexander Tlyapov, Sergey Gordeychik Abstract This paper summarizes the experience gained during a series of practical cybersecurity assessments of various components of Europe’s smart electrical grids. Keywords Cybersecurity, SIL, industrial control system (ICS), IEC 61850, Smart Grid, smart grids, vulnerabilities, relay protection Introduction Smart grid technologies are now being widely implemented across Europe. To a large extent this trend reflects a focus on energy efficiency and the mass adoption of mini- and microgeneration renewable electric power sources. The main regulatory guide in this field is Directive 2009/28/EC of the European Parliament and Council of 23 April 2009; this document sets the target of achieving 20% power generation from renewable sources by 2020, and 80% by 2050. In this article, we summarize the experience gained during a number of practical security assessments of various components of Europe’s smart grids. Scope of work In this article, we define industrial control system (ICS) cybersecurity as the process of ensuring operation of a management object with no dangerous failures or inadmissible damage. It also implies the target level of economic efficiency and reliability being maintained under the conditions of a purposeful negative human-induced information impact. This definition makes it possible to apply a mission-centric approach1 to a security assessment and to use existing industrial and functional security, reliability theory for risk assessment and threat
  • 2. modeling. The findings of this analysis will be published in our subsequent papers. The main objects of the research were determined based on NISTIR 7628 Guidelines for Smart Grid Cyber Security2 . Figure 1. Electricity flows and communication lines in the NIST Smart Grid Framework model For the purposes of this research, the basic model envisaged an anonymous intruder with average skills and acting over the Internet. This adequately models the capabilities of a motivated group of ‘hacktivists’ or of a medium-budget industrial espionage campaign or criminal operation. In our research we did not look at attack vectors associated with CVSS adjacent networks, including local radio networks. The results of our work showed that at the current time it is impractical to consider more complex intruder models or attack methods, since even an anonymous intruder acting from the Internet has sufficient opportunity to conduct a variety of attacks. This article presents the findings of several independent projects aimed at assessing the security of different elements (network communications, elements of relay protection and automatic equipment, SCADA, application software, small-scale power generation systems). This research does not claim to be complete. Security of communication
  • 3. As can be seen in the NIST Smart Grid Framework model, different data communication lines exist between all the subjects. Therefore, the communication lines and application protocols are a substantial element of the attack surface, and the degree to which they are protected largely determines the security status of the entire system. Security audits at a number of power facilities in Europe have confirmed CIGRE’s conclusions3 that the IEC 61850 family of protocols currently in use have low tolerance to eavesdropping, session spoofing and man-in-the-middle attacks. However, despite the fact that IEC 61850 has been widely implemented, a practical assessment of security has demonstrated that standard ICS data communication protocols such as Modbus, S7, PROFINET, and IEC 60870-104, are widely used at power facilities. During our analysis, we prepared a number of tools for the identification, modification and fuzzing of communication protocols; some of these were published as open-source tools4 and presented at the Power of Community conference in Seoul, South Korea. The practical application of these tools enabled us to identify a number of unknown vulnerabilities in different systems, such as being able to disable a Siemens S7-1200 controller by sending Profinet packets5 . The findings of this research were used in a number of projects, including CRISALIS6 , Shodan. At the 4SICS conference in Stockholm, Sweden, John Matherly presented his project ICS Map7 , which is based on the Shodan system core, but scans systems using industrial protocols. This project can be used to identify industrial systems connected to the Internet. Figure 2. A map of Shodan IEC 60870-104 systems on the Internet (June 2017)
  • 4. However, the attack surface is not limited to ICS protocols. During a presentation at the Chaos Communication Congress 30 conference8 , it was demonstrated that ICS components make widespread use of standard application layer protocols for remote administration and communication of information. In fact, only 2% of all detected ICS systems on the Internet used industrial communication protocols. Figure 3. Protocols used by ICS components detected online (December 2013) Further research has shown that many of the devices detected online are network hardware supporting internal or external communications of ICS systems. For example, it is stated in the 2016 Kaspersky Lab publication ‘Industrial Control Systems and their online availability’9 that around 28% of all ICS components detected on the Internet are network devices such as industrial grade routers, cellular modems, etc.
  • 5. Figure 4. Types of ICS components reachable from the Internet (2016) To obtain a better understanding of possible attacks, a security assessment was carried out for network devices used in industrial systems such as Bintec, Digi, Moxa, Sierra Wireless. This analysis showed that such systems typically have low protection levels, and that there is an abundance of vulnerabilities that are easy to detect and exploit, such as hardcoded passwords, hardcoded SSH keys, weak mobile communications (2G/3G/4G), web management interface issues, and buffer overflows. If a potential intruder exploits one of these vulnerabilities, it enables them to modify network device configurations, monitor and redirect traffic, block network communications and/or gain unauthorized access to internal components of industrial systems. The findings were presented at the conference 32C3 in Germany10 . The appropriate manufacturers have now fixed most of the detected vulnerabilities.
  • 6. Special mention should be made of the widespread use of global wireless networks, such as 2G/3G/4G mobile networks in the energy sector. Our research, which was presented at the conference PacSec, Japan 11 , demonstrated how vulnerabilities in core mobile network components (SGSN/GGSN), mobile modems and SIM cards can be used to intercept network communications and introduce unauthorized modifications, modify firmware installed on devices, and gain unauthorized access. Many of these attacks can be implemented from an arbitrary location and do not require a physical location close to the target. In April 2017, security incidents in several German banks were identified where cybercriminals exploited vulnerabilities in signaling networks to intercept text messages 12 . This demonstrates that such methods are available to groups of cybercriminals. Microgeneration For a fuller picture, it is necessary to look at the security risks around small-scale power generation from renewable sources. During our research project, we analyzed attack surfaces and searched for vulnerabilities in four popular solar and wind-driven power generation platforms: Solar-Log and SMA SunnyWebbox facilities, and in the Nordex NC2 portal which is used as a SCADA system for Nordex wind-driven power plants. The analysis showed that over 80,000 such systems are accessible on the Internet. Many of them do not require authorization before they provide data on the amounts of electric power produced and other technical information, so it is possible to passively estimate the capacity of power generation through an analysis of OSINT sources, such as Google’s cache.
  • 7. Figure 5. Information on power generation from Solar Log By averaging the obtained data, we found that the average instantaneous power output of those systems that can be reached via the Internet is about 8 GW, a large part of which is produced in Europe. Another peculiarity of small generation facilities is that they make extensive use of cloud-based centralized management systems. With this approach, inverter management systems are connected to the centralized reporting system located at the site of the manufacturer or operator, and they send information there about the status of the systems, electrical power outputs, wind velocities, etc. In some cases, the centralized systems have certain control capabilities, e.g. they can update firmware of the inverter management systems. In that case, an attack on the management system can lead to mass unauthorized access to endpoint devices.
  • 8. Figure 6. The web interface of GSE SpA, centralized power generation accounting system A superficial analysis has shown that most of these cloud-based solutions do not meet basic security requirements, so an attacker may be able to find a vulnerability in them that allows unauthorized access to the system13 . Therefore, management systems, including those that are cloud- based, must be taken into account when planning security upgrade programs. If we look at how well protected endpoint devices are, we can see that they have a very low level of resistance to external attacks. During our analysis, we detected a number of 0-day vulnerabilities within the firmware of such systems14 , including fixed and master passwords, insufficient authentication/authorization, weak cryptography, various types of buffer overflow. In most cases, the potential risk associated with the detected vulnerabilities enabled a potential threat actor, whether directly or indirectly, to gain full access to the device by executing an arbitrary code or downloading modified software. When combined with operational errors, such as the widespread use of default passwords, all of the above make these kinds of ‘home’ systems
  • 9. an attractive target for attacks. This is currently the case for home routers and other Internet of things (IoT) devices that may be used to manipulate gauge readings, penetrate information systems of connected municipal electric grids, and carry out a variety of specific attacks to disrupt power system stability. Examples of such attacks are the sending of false information about power generation or consumption in an attempt to destabilize the power grid, or a new type of ransomware blocking the management systems of solar or wind-driven power generation. The current trend towards integration between microgeneration management systems and smart power meters only serves to provide cybercriminals with more opportunities. The findings were reported to the appropriate authorities and agencies, such as IMPACT, ENISA, ICS CERT, hardware manufacturers and to regional CERT teams, so they could inform device owners and block remote access to ICS systems from the Internet. Thanks to this project, more than 60,000 ICS components associated with microgeneration were disconnected from the Internet15 . Digital substations ICS systems used in industrial-scale power generation and distribution were also found to have low security levels. Here, the typical defects are the extensive use of obsolete or unsupported operating systems, weak protection tools, multiple vulnerabilities in SCADA and PLC, and unprotected network protocols. This, combined with low levels of network isolation and widespread use of under-protected radio communication channels, is the reason why a targeted or spontaneous cyberattack could easily be implemented. Recent security incidents involving Ukraine’s energy systems16 and the WannaCry case have demonstrated that standard attack methods, such as spear phishing or exploits for known vulnerabilities, are sufficient to penetrate internal ICS networks.
  • 10. Figure 1. A centralized traffic control system blocked by the WannaCry worm Digital protective relays are a key component of digital substations. They are designed to promptly identify damaged components in electrical power systems in emergencies and isolate them from the system to ensure normal operation. In other words, they are an element of accident prevention. During our security assessment projects at power generation and distribution facilities, we analyzed digital protective relays of leading manufacturers, such as NARI Relays, Siemens, ABB, and General Electric. Different types of vulnerabilities were identified, including hardcoded management passwords, unpatched 61850 Stack, remote reboots, permanent DoS, and remote code execution. By exploiting combinations of vulnerabilities, attackers can manipulate operating parameters for systems or facilities, remotely control circuit breakers, disconnect and grounding switches, disrupt the proper operation of terminals, and even use them as intermediate platforms for malware distribution. The research findings were presented at the conferences Area 41 in Zurich 17 and RECON BRUSSELS 18 . Information about the detected vulnerabilities was reported to the appropriate manufacturers as part of a responsible disclosure policy. Some of the vulnerabilities have now been fixed by the vendors. Conclusions
  • 11. The experience gained from cybersecurity analysis of Smart Grid technologies has demonstrated that electric grid systems are highly vulnerable to accidental or deliberate information impact. Despite the obvious economic benefits, implementation of Smart Grid creates the following potential cybersecurity problems: • widespread use of standard network technologies (TCP/IP, 3G/4G, WiFi), system and application technologies (OS, database management systems), and all their associated security problems; • blurring the boundaries of power system protection and the system control role, with the transfer of a number of emergency prevention functions; • blurring of the network perimeter and increased attack surfaces as a result of large numbers and various types of network devices with different owners, but that are connected in a single network; • minimal attention to cybersecurity issues by the designers and integrators of ICS components, leading to the emergence of large numbers vulnerabilities that are cheap to exploit. Consequently, modern Smart Grid implementations contain large numbers of system-wide and specific vulnerabilities both in individual components and in overall ICS systems and networks. Identifying and using these vulnerabilities requires an average level of expertise and a modest level of funds. The implications of such attacks vary from local fraud to negative physical impact on power substation components to large-scale network accidents. 1 Signalling cyber security: the need for a mission-centric approach Valentin Gapanovich, Efim Rozenberg and Sergey Gordeychik http://www.railjournal.com/index.php/signalling/signalling-cyber-security- the-need-for-a-mission-centric-approach.html 2 NISTIR 7628 Guidelines for Smart Grid Cyber Security Victoria Y. Pillitteri, Tanya L. Brewer, https://www.nist.gov/publications/guidelines-smart-grid- cybersecurity 3 The Impact of Implementing Cyber Security Requirements using IEC 61850 CIGRE Working Group the B5.38, August 2010 4 Alexander Timorin, Power of Community 2013 special release of ICS/SCADA toolkit, http://scadastrangelove.blogspot.com/2013/11/power-of-community- 2013-special-release.html 5 SSA-654382: Vulnerabilities in SIMATIC S7-1200 CPU, https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-654382.pdf
  • 12. 6 Marco Caselli, Frank Kargl, Dina Hadziosmanovic, “Device fingerprinting preliminary results”, http://www.crisalis-project.eu/sites/crisalis- project.eu/files/crisalis_deliverable-D4.1.pdf 7 Shodan, Industrial Control Systems https://www.shodan.io/explore/category/industrial-control-systems 8 Sergey Gordeychik, Gleb Gritsai, “30C3 releases: all in one”, http://scadastrangelove.blogspot.com/2014/01/30c3-releases-all-in-one.html 9 INDUSTRIAL CONTROL SYSTEMS AND THEIR ONLINE AVAILABILITY, Oxana Andreeva, Sergey Gordeychik, Gleb Gritsai, Olga Kochetova, Evgeniya Potseluevskaya, Sergey I. Sidorov, Alexander A. Timorin https://kasperskycontenthub.com/securelist/files/2016/07/KL_REPORT_ICS_A vailability_Statistics.pdf 10 The Great Train Cyber Robbery, Sergey Gordeychik, Alexander Timorin https://scadastrangelove.blogspot.com/2015/12/32c3-slides.html 11 "Root via SMS: 4G access level security assessment”, Sergey Gordeychik, Alexander Zaytsev, https://pacsec.jp/psj14/PSJ2014_Sergei-Alex_SCADASL%20- %20root%20via%20sms%20last.pdf 12 Fixing the cell network flaw that lets hackers drain bank accounts, Lily Hay Newman, https://www.wired.com/2017/05/fix-ss7-two-factor-authentication- bank-accounts/ 13 SQL Injection in Solar-Log WEB, https://vulners.com/ptsecurity/PT-2015-01 14 Sergey Gordeychik, Aleksandr Timorin: SCADA StrangeLove: Too Smart Grid in da Cloud http://scadastrangelove.blogspot.com/2014/12/31c3-too-smart-grid- in-da-cloud.html 15 Could hackers turn the lights out? Mark Ward, http://www.bbc.com/news/technology-35204921 16 Analysis of the Cyber Attack on the Ukrainian Power Grid, http://www.nerc.com/pa/CI/ESISAC/Documents/E- ISAC_SANS_Ukraine_DUC_18Mar2016.pdf 17 CYBER-PHYSICAL ATTACKS ON CRITICAL INFRASTRUCTURE Sergey Gordeychik, Alexander Timorin http://www.securitytube.net/video/16617 18 Hopeless Relay Protection for Substation Automation Kirill Nesterov, Alexander Tlyapov https://recon.cx/2017/brussels/talks/hopeless_relay_protection.html