Cybercriminals may no longer need Stuxnet-like malware to infiltrate critical power grid infrastructure, only the IoT.
Princeton University researchers released a report that warns cyber attackers could attack power grids using IoT–powered botnets comprised of high wattage devices like heaters and air conditioning units. BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid, describes how the researchers conducted a series of proof-of-concept attacks that allowed such access.
Researches conducted theoretical attacks that can easily lead to outages, blackouts, or total grid failure. These Manipulation of Demand via IoT (MadIoT) attacks included:
- Sudden generation tripping
- Disruption of grid re-starts
- Line failures
- Increased system demand
Researchers successfully increased operational costs for select targets by manipulating energy consumption. They could further refine attacks to benefit specific energy providers.
Conclusions & Recommendations
Researchers theorize that attackers using this approach would no longer have to rely on Stuxnet-like malware to conscript devices or compromise critical infrastructure.
Theoretically, cyber attackers could use IoT botnets to simultaneously turn on or off several high wattage IoT devices to cause frequency instability or a supply and demand imbalance.
“The IoT botnets attacks sources are hard to detect and disconnect by the grid operator due to their distributed nature. These attacks can be easily repeated until being effective and are black-box since the attacker does not need to know the operational details of the power grid. These properties make countering the MadIoT attacks challenging,” the researchers said in the report.
The report recommends that grid operators immediately begin preparing for such attacks by implementing processes that allow systems to handle drastic load changes. Researchers also recommend that IoT device makers conduct more research on IoT vulnerabilities and increase device security.