Yikes: a computer worm that targets the energy industry


As the power grid and energy companies embrace digital technology, wireless networks and big data, they’re being exposed to the same security risks that the Internet has become accustomed to. Last week security group Kaspersky Lab wrote (via Ars Technica) that they’d discovered malware targeting a company in the energy industry that could destroy data in a computer’s hard drive and make the computer unusable.

The computer worm, called Shamoon or Disttrack by different security firms, is being compared to a series of malware that targeted Iran’s nuclear program (and reportedly could have been created by a U.S.-Israeli team). But the new malware also stands out because it attempts to make the wiped data entirely unrecoverable by overwriting disks with bits of data taken from the web, and also alerts the attacker to how many files were destroyed.

The energy industry and the power grid are particularly susceptible to this kind of attack. Utilities are slow-moving entities and are only just starting to add in wireless networks, software and big data storage systems. Some, like former CIA director James Woolsey, think the smart grid needs to wake up to these security concerns. Security execs have also shown how easy it is to hack a smart meter.

Networks that control things like oil systems, nuclear plants, or water facilities could also do a decent amount of damage if they are successfully attacked and controlled. Electrical fires and shutting off power and water access could be real concerns.

Some big-data-focused companies are starting to create tools for the energy industry. For example, a startup called Splunk has a tool for oil and natural gas pipeline networks that lets the pipeline owner detect changes in sensor data in real time, enabling the owner to detect if areas have stopped reporting or have undergone changes in pressure. A big data startup called Sqrrl just raised $2 million to build out technology to make big data applications more secure.

I think one of the issues is that all of that innovation and money being invested into “big data” these days needs to trickle down to applications and tools for the energy sector. If utilities and power companies are going to ultimately be IT firms, they should start benefiting from that ecosystem and innovation.

Image courtesy of Greyweed.


Rex Roehl

This article ignores the facts about the power grid. NERC, with approval by FERC, has mandatory cyber security standards for the electric industry. These are continuing to evolve to meet the changing environment. Some would promote new legislation. Many cyber security experts resist because this locks in approaches that are quickly bypassed and tends to hamstring industry innovations to meet the challenges. The NERC approach in new standards for performance-based as opposed to prescriptive requirements is more nimble and more easily updated than legislation.

Joshua Goldbard

The problem here isn’t that the Power companies don’t know that this is a problem; they all know.

The problem is that, like Telecom, when you make a lot of money without changing anything for a long time, you tend to not make changes because of the associated risks.

Let’s take a real world example: Large Machinery for most hydroelectric dams still runs on COBOL.

How many engineers that know COBOL are still alive, let alone how many that know how to protect COBOL from modern-day threats (hint: 0)? The problem is way bigger than anyone imagines, and any step to rectify the situation is a step in the right direction.
