hacker trends from a smart grid perspective erwin kooi alliander it
TRANSCRIPT
Hacker trendsFrom a smart grid perspective
Erwin KooiAlliander IT security manager
Hacker Trends (from a Smart Grid perspective)
< 2014 in general
< 2014 in smart grid
Trends
“Where do we go from here”
< 2014 in general
< 2014 in smart grid
Trends
“Where do we go from here”
“Hacker” trends
< 2014 in general – researchers
< 2014 in general – researchers
< 2014 in general – activists
< 2014 in general – activists
< 2014 in general – activists
123456
< 2014 in general – criminals
< 2014 in general – criminals
< 2014 in general – governments
BLARNEY
BOUNDLESS INFORMANT
BULLRUN
CULTWEAVE
DEWSWEEPER
EGOTISTICAL GIRAFFE
EVILOLIVE
FALLOUT
FOXACIDGENIE IVY BELLS
MONEYROCKETSHIFTINGSHADOWYACHTSHOP
KLONDIKE
MESSIAH
MOONLIGHTPATH
OCEANARIUM
RENOIR
SHELLTRUMPET
STONE GHOST STORMBREW
TRAFFICTHIEFWHITETAMALE
< 2014 in general – governments
< 2014 in general – no attribution
Rise is spyware
Rise in non-networked malware
Rise in BGP redirects
MaaS (Malware as a Service)
Rise is spyware
Rise in non-networked malware
Rise in BGP redirects
MaaS (Malware as a Service)
< 2014 in smart grid
2013 Internet-connected PLC Austrian power grid malfunctions
2013 BMW accused of spying on AutoLib charging stations
2012 Smart meters hacked for profit by utility employees
2012 Aramco attack
2010 Stuxnet and derivates
2013 Internet-connected PLC Austrian power grid malfunctions
2013 BMW accused of spying on AutoLib charging stations
2012 Smart meters hacked for profit by utility employees
2012 Aramco attack
2010 Stuxnet and derivates
Trends
8 april 2014
Trends
Trends
Smart grids are not a target
• Most “attacks” are collateral damage or misconfiguration
• Read reports with care (understand the political landscape)…
Potential impact is huge, so “no need for security” is not an option
• Smart grid systems remain vulnerable
• Collateral damage sucks too
• Growing interest by asset owners
Smart grids are not a target
• Most “attacks” are collateral damage or misconfiguration
• Read reports with care (understand the political landscape)…
Potential impact is huge, so “no need for security” is not an option
• Smart grid systems remain vulnerable
• Collateral damage sucks too
• Growing interest by asset owners
, yet
“Where do we go from here?” (Marillion)
Build the grid for resilience (a smart grid without smart is still a grid)
This requires also non-cyber measures
This also requires close cooperation
with stakeholders (they need to “climb”)
Not everything needs to be “smart”
Build the grid for resilience (a smart grid without smart is still a grid)
This requires also non-cyber measures
This also requires close cooperation
with stakeholders (they need to “climb”)
Not everything needs to be “smart”
“Where do we go from here?”
Don’t be an attractive target, show that you care
Respond to (small) incidents
• Detect them
• Solve them
• Learn from them
Don’t be an attractive target, show that you care
Respond to (small) incidents
• Detect them
• Solve them
• Learn from them
“Where do we go from here?”
Be proactive
Know thy systems
Test them often
Demand fixes from your vendors
Expect shorter life cycles for secundary grid components
(cots is indeed cheap)
Be proactive
Know thy systems
Test them often
Demand fixes from your vendors
Expect shorter life cycles for secundary grid components
(cots is indeed cheap)
Questions?
