With power grids increasingly targeted by domestic extremists in the US, Oregon State University (OSU) researchers are warning that a basic utility device can be corrupted. Digital devices called “smart meters” are commonly used by utility companies. They can measure customers’ electricity data or remotely shut off power to those with unpaid bills.[1] All this with the use of computers and hackers.
An OSU associate professor of electrical engineering and computer science at OSU said that hackers can use smart meters to cause variations in demand for what’s known as a “load oscillation attack.” “If some bad actor were able to coordinate hijacking some residential or commercial meters, they could propagate this cyberattack into causing some physical instabilities on the grid.”
An OSU release detailed how the study was conducted. Researchers used a model known as a time-domain grid protection simulator to demonstrate how causing the load to vary back and forth in a regular pattern – the load oscillation attack – can compromise transmission.
Oregon State University doctorate student Thabiso Mabote (left) and College of Engineering faculty member Eduardo Cotilla-Sanchez (right) put caution tape around a machine testbed. Machine testbeds are useful to validate machine dynamics in a time-domain simulation, as used in smart meter research.
“New technologies have been introduced to make our aging electricity infrastructure more efficient and reliable,” OSU reported. “At the distribution level, upgrades have included communication systems, distribution automation, local control and protection systems, and advanced metering infrastructure.
“The bad news is the upgrades also introduce new dimensions for attacking the power grid.”
One attack enabled by the new technologies involved hacking into the advanced metering infrastructure (AMI) and controlling the smart meter switches to cause load oscillations.
“Imagine calling everyone you know and saying, ‘OK, at 6 p.m., we are all going to turn the lights on,” OSU said. “Even if you got a couple of thousand people to do that, it would be unlikely to cause much instability because the grid can absorb fairly big changes in supply and demand – for example, solar panels, at the end of the day do not produce electricity and we can anticipate and compensate for that.
“But if a person were to remotely coordinate many smart meters to switch customers on and off at a particular frequency, that would be a problem.”
They said that that type of incident would start with someone performing reconnaissance by “poking” a couple of locations in a grid and using the information gained to estimate the grid’s destabilizing oscillation frequency. After determining which customer meters to turn on and off at that frequency – less than 1 Hertz or cycle per second – the attacker would be ready to launch an assault.
And comparatively speaking, an attack doesn’t need to involve that many meters.
“We juxtaposed our work with related recent grid studies and found that a well-crafted attack can cause grid instability while involving less than 2% of the system’s load,” OSU said.
OSU’s research was conducted to help utilities and security officials prepare against such attacks. The research has been published in the journal, IEEE Access.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] https://www.klcc.org/science-technology/2023-05-09/osu-researchers-smart-meters-can-be-hacked-for-power-grid-sabotage
Comments