Last month, public reports from ESET and Dragos outlined a new, highly capable Industrial Control Systems (ICS) attack platform — the one reportedly used in 2016 against critical utilities infrastructure in Ukraine.
CRASHOVERRIDE (alternately named Industroyer), the malware framework used in a cyberattack on the Ukraine electric grid in 2016, hit an electric transmission station near Kiev, blacking out a sizable portion of the city. Attackers overwrote firmware on critical devices at 16 substations, leaving them unresponsive to any remote commands from operators.
As a result of the attacks, 80,000 customers went without electricity for six hours in winter, and workers had to control the substations and breakers manually. The attack itself only lasted an hour, but cybersecurity experts are concerned that the attack was used as proof of concept, rather than a full demonstration of the malware’s capability, which suggests that a more complex, serious attack may be in the works. The Kiev attack is only the second-known case of malicious code used to disrupt physical systems — the United States and Israel employed the first, Stuxnet, to destroy centrifuges in an Iranian nuclear enrichment facility in 2009.
A company in the United States called Full Spectrum Inc. has come up with a way to mitigate the risks of such attacks through the provision of private broadband cellular data networks to utility companies.
Full Spectrum’s network radios enable wide-area intelligence networks for smart grids, smart pipes, smart fields, and any other mission-critical networks that need internet protocol connectivity. In the United States, there are roughly 3,300 electric utility companies and each of them has to manage its assets securely and reliably. The physical communications network is a “critical component of the connectivity,” according to Full Spectrum CEO Stewart Kantor.
“[We developed] our technology … so utility companies could, with very little infrastructure, cover huge portions of their service territories,” Kantor said. “4G and 5G technology offered by the commercial wireless industry is short-range … and very expensive. We designed our broadband digital wireless technology … to use very tall tower sites with high power radios at both the base stations and remote radio sites using licensed VHF and UHF frequencies. One of our base stations provides coverage up to 8,000 square kilometers, versus 80 square kilometers with 4G and 8 square kilometers with 5G.”
The company uses several different licensed VHF and UHF frequencies in adaptable channel sizes — a capability that is unique to its radio technology. The Electric Power Research Institute (EPRI), one of the world’s leading utility research institutions, has even proposed using Full Spectrum’s technology as a new worldwide wireless standard for industrial networks.
Kantor said that the deployment of utility smart meters in the 2000s provided visibility into real-time customer usage but did not provide the utilities with the ability to “adjust” supply and demand in the grid in real time. Full Spectrum’s new private wireless technology bridges that gap by providing a secure and reliable network for higher-level grid functions like substation automation and distribution automation (DA), including circuit breakers, switches, capacitor bank controllers, and even solar inverters.
In a private network, the utility companies own, operate, and control the system, and can keep it either completely off the public internet or connected to it for only very short periods of secure connectivity.
What happens with a utility cyberattack?
An attack like CRASHOVERRIDE is capable of directly controlling electricity substation switches and circuit breakers. It manipulates globally common industrial communication protocols in power supply infrastructure, transportation control systems, and other critical infrastructure. The potential impact may range from simply turning off power distribution, to triggering a cascade of failures, to more serious damage to equipment.
“There are a variety of vehicles for malware to infiltrate a network,” Kantor said. “A co-worker could introduce a thumb drive that has the virus that then gets distributed to the network controlling the RTUs. It can be hidden in the controller software from the vendor, and so on. The bottom line is that the combination of physical and digital isolation creates a higher level of security and protection and can also reduce recovery time.”
Consider an attack involving multiple major fiber cuts to commercial providers, like what happened in the Bay Area in 2009 or during the Coyote Point Substation attack. The fiber cuts revealed that much commercial internet traffic was carried over the same fiber points of presence for all providers. Such attacks would have a huge, disastrous impact on a utility company if it were relying on a commercial network.
Securing areas through private networks
Full Spectrum recently announced that it will begin deploying its own private network service for companies that require secure and reliable networks but are not capable of running the network themselves. The first private network service will launch in the Metropolitan New York Area, followed by one in the San Francisco Bay Area.
“Our network in the New York Metro Area will initially cover up to 52,000 square kilometers with the ability to originate and terminate IP traffic without ever touching the public Internet,” Kantor said.
Private data networks will overlay an area with secure technology in case of an attack on a public network.
“So imagine someone begins to jam frequencies used by automated vehicles,” Kantor said. “Our network can serve as a backup safety network allowing things to come to a reasonable stopping place.”
Kantor envisions a private nationwide network with a variety of secure and reliable applications — conducting autonomous vehicle traffic, sensor traffic for perimeter security, radiation sensors with high-end sensing, and data networks for specific applications.
Mass adoption of Full Spectrum’s technology will be revolutionary in improving reliability and efficiency, and in replacing aging infrastructure.
Originally published at readwrite.com on July 6, 2017.