Attackers would have to invest as little as $50

Feb 18, 2016 18:48 GMT  ·  By

Have you ever imagined that someone could forcibly turn on air conditioner units across a city or city block and cause power grid blackouts in peak hours? According to two security researchers, the concept is not a theory anymore, and using current-day equipment this is perfectly doable.

Speaking at the Security Analyst Summit (SAS 2016) held in Tenerife, Spain, Vasilios Hioureas from Kaspersky Lab and Thomas Kinsey from Exigent Systems showed how threat actors could spend as little as $50 (€45) and have the hardware capabilities to bring down electric grids during peak hours.

The attack scenario revolves around a special device which energy companies supply to consumers that are willing to deploy it. These are simple switching mechanisms which allow the energy supplier to turn off the customer's air conditioner unit when the power grid approaches peak consumption.

Customers that agree to use these devices can save $200 (€180) each year on their energy bill, and also help prevent power grid blackouts.

Attackers can jam the energy supplier commands and broadcast their own

According to the two researchers, these devices are susceptible to radio jamming attacks. Someone using a similar device, broadcasting on the same frequency but with a stronger signal, could override the power grid's base station.

The only things an attacker would need to do are discover the broadcasting frequency, and then sniff the network for a sample ON and OFF signal he could use later on.

Once the ON and OFF signals are acquired, he could use his own device, or collection of devices spread around the city, to bring down the power grid in peak consumption periods by forcing air conditioners on instead of off.
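The weakness described above is that the switch obeys any frame that parses as ON or OFF, so a captured command stays valid forever. The following added example (not code from the researchers or from any device vendor) contrasts that legacy design with a receiver that binds each command to a monotonically increasing counter and an HMAC-SHA256 tag under a per-device key; the key, tag length and frame layout are assumptions chosen for illustration, not details from the talk.

```python
import hmac
import hashlib
import struct
from typing import Optional

# Constructed shared key for the example; a real deployment would provision
# a per-device key in firmware (assumption, not something the article describes).
KEY = b"example-demand-response-key"
TAG_LEN = 8


def legacy_frame(state: str) -> bytes:
    """Unauthenticated ON/OFF command as the article describes: nothing but the state."""
    return state.encode()


def legacy_accept(frame: bytes) -> Optional[str]:
    """A receiver with no authentication obeys any frame that parses as ON or OFF."""
    state = frame.decode(errors="replace")
    return state if state in ("ON", "OFF") else None


def signed_frame(state: str, counter: int, key: bytes = KEY) -> bytes:
    """ON/OFF command bound to a 32-bit counter and a truncated HMAC tag."""
    body = struct.pack(">I", counter) + state.encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


class HardenedReceiver:
    """Receiver that verifies the tag and refuses counters it has already seen."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.last_counter = -1
        self.state = "OFF"

    def accept(self, frame: bytes) -> bool:
        if len(frame) < 4 + 2 + TAG_LEN:
            return False                      # too short to carry counter, state and tag
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return False                      # forged or corrupted frame
        counter = struct.unpack(">I", body[:4])[0]
        if counter <= self.last_counter:
            return False                      # replay of an old capture
        state = body[4:].decode(errors="replace")
        if state not in ("ON", "OFF"):
            return False
        self.last_counter = counter
        self.state = state
        return True


def simulate() -> dict:
    """Feed a captured ON frame back to both receiver designs and record what happens."""
    results = {}

    # Legacy design: a captured ON frame presented again is simply obeyed.
    captured_legacy = legacy_frame("ON")
    results["legacy_replay_obeyed"] = legacy_accept(captured_legacy) == "ON"

    # Hardened design: the base station sends ON (counter 1), later OFF (counter 2).
    rx = HardenedReceiver()
    captured = signed_frame("ON", 1)
    results["fresh_accepted"] = rx.accept(captured)
    results["off_accepted"] = rx.accept(signed_frame("OFF", 2))
    # Presenting the captured ON frame again fails: its counter is stale.
    results["replay_rejected"] = not rx.accept(captured)
    # A frame built without the key fails the tag check before the counter is read.
    forged = struct.pack(">I", 99) + b"ON" + b"\x00" * TAG_LEN
    results["forged_rejected"] = not rx.accept(forged)
    results["final_state"] = rx.state
    return results


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name}: {value}")
```

The counter is what defeats the replay; the tag is what stops an attacker from simply incrementing it. Either check alone is insufficient, and a receiver that stores the last accepted counter in non-volatile memory keeps the protection across power loss.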

An attack like this would be useful for someone trying to cut power in his competitor's headquarters, to bring down alarm and CCTV systems, facilitating an unauthorized entry.

Patching the affected devices is sometimes impossible

The two researchers said that they are currently working with the manufacturers of some of these devices in order to fix existing problems. Unfortunately, the issue is not that simple.

The two discovered that most of these devices are more than five years old, meaning they are too outdated to support modern-day security features.

There were even cases where the researchers found devices that were using internal chips developed in 1995, on which it would have been impossible to run current-day firmware that employs authentication or encryption operations.