Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

Xie gave an example of how attackers could manipulate grid data to make money. By manipulating this data, an attacker could make it seem like a transmission line between two cities was simply congested. This would force grid operators to take power from more expensive generators, increasing prices at that node in the grid. Armed with this information, the attacker could place bets via an online power market to make a profit. “The virtual trader basically gambles against the price difference between the day-ahead market and the real-time market,” Xie says.

If someone wanted to cause a blackout, spurious data about how much power is flowing could be used to fool grid operators into overloading parts of the grid, tripping generators and leading to cascading failures. Again, if the attackers were careful, the erroneous data would go unnoticed. A blackout could then occur before grid operators have the chance to correct for the problem.

Fixing the vulnerability will not be easy either. It could take 20 years for utilities to replace old infrastructure with equipment with security measures, such as encryption. Requiring utilities to make the changes sooner would be expensive, says György Dán, a professor of electrical engineering at the Royal Institute of Technology in Sweden. Dán presented research separate from Xie on how such attacks could be accomplished, and what it will take to protect against them. A recent move to add more sensors to the grid, as part of a “smart grid” project that received $4.5 billion from the Recovery Act, could help. The researchers presenting at the conference showed that an attacker would have to corrupt more sensors to create a problem without getting caught.

On the other hand, adding these sensors, and the communication networks needed to access their data, could add new vulnerabilities by adding new points of entry. Deepa Kundur, a professor of electrical and computer engineering at Texas A&M, is developing simulations to help determine the risks involved. “It’s not yet clear whether the smart grid will be worth the risks,” she says.

8 comments. Share your thoughts »

Credit: Technology Review

Tagged: Energy, security, hackers, smart grid, cyber security, electric grid, power grid

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me