Worm could bring down US power grid

The idea of hackers bringing down power grids may sound like a far-fetched plot from the current series of 24, but a security firm insists it’s a genuine threat.

The threat is now a possibility because of the use of a technology known as Smart Grids. This involves around two million devices, largely wireless, which send data back and forth between power stations and homes. The idea is to better manage demand for electricity based on the actual needs customers have at any moment.

Unfortunately security researchers at Seattle-based IOActive say they’ve proven the devices are vulnerable to hacking. Using equipment costing $500 they were able to create a worm virus which spread rapidly across the meters in the network.

Naturally the researchers didn’t do any serious damage: according to PCWorld they simply tweaked the meters so that their LCD screens displayed the word ‘pwned’ rather than the meter readings. But the researchers believe a similar technique would allow hackers to either remotely shut down the supply to customers, or send bogus increased demands for power to a station causing blackouts. Such an attack could cause a knock-on effect to other stations in the network.

The firm has passed on its findings to officials and is not making the precise details public. However, it’s thought the technique involved exploiting a bug in a chip used in the meters.

A malicious attack on the electricity network may seem unthinkable, but last year the National Journal claimed Chinese military and government officials may have been behind two blackouts in 2003. It reports a theory that a Chinese hacker who was intending to gather data on power systems had either made a mistake or got carried away and wound up triggering the blackout.