Security guidelines aimed at zapping power industry cyberattacks, malfunctions

Based on input from the federal government, the North American Electric Reliability Corp., whose mission is to ensure the reliability of the bulk-power system, Thursday sent new security guidelines to about 2,000 electric-power operators to prevent compromise and malfunction of the grid.

The large motors and generators connected to the bulk-power system have to be turned on and off with considerable caution to prevent problems from occurring, notes Tim Roxey, manager of critical infrastructure protection at NERC. There are acknowledged gaps in protection -- something the industry since 2007 has named the "Aurora vulnerability" -- that could allow major disruptions to the power grid by throwing it out of sync through a potential cyberattack or simply an accident.

In what it's calling its second Aurora Alert, NERC sent new security guidelines to electric-power operators and asked them to provide feedback within 90 days on the guidelines and on how their organizations might implement them.

Roxey says NERC's Aurora Alert is not directly related to the Stuxnet worm, which some security analysts believe was designed as a cyberwar attack against Iran's power grid by allowing an attacker to compromise industrial control systems. But the Aurora Alert, which is a set of technical specifications, is certainly intended to prevent unauthorized use of the bulk power-grid control, or simply to prevent accidents.

The technical guidelines, issued as a recommendation-level alert, are not being publicly released due to their sensitivity. But this "technical library," as NERC is calling it, includes mitigation elements that fall into two broad categories called "Protection and Control Engineering Practices" and "Electronic and Physical Security Mitigation Measures." These touch on every aspect of power-plant operations in terms of networks and physical security.

According to Roxey, this would include everything from changes in dial-up modems used for remote access to some electric-power facilities to every aspect of electric-power control, including operating systems. The guidelines do not, however, apply to business networks.

NERC says it's continuing to work with the federal government, including the Department of Energy and the Department of Homeland Security, as well as industry experts, to provide more information to the North American electric-power industry about the Aurora vulnerability and mitigation as it becomes available.

While the electric-power industry already has the Critical Infrastructure Protection (CIP) standards, those apply to what are considered specific critical segments such as SCADA operations; the Aurora Alert recommendations are said to cover an even broader swath of electric-power operation.

Right now, there are no expectations that this second Aurora Alert with its technical guidelines will become an official regimen of standards certification, but electric-power companies are expected to review these technical guidelines and quickly respond to NERC so that a dialog can be established about them.

"These are good engineering practices," Roxey says. The goal is to "take the risks off the table," he points out.
