How an IoT botnet could disrupt the grid
- By Susan Miller
- Sep 26, 2019
Researchers at Princeton have developed algorithms that would help the electric grid quickly recover from overloads induced by attacks on high-wattage smart devices such as air conditioners.
The 2016 Mirai botnet attack on more than half a million internet-of-things devices around the world flooded Dyn's managed DNS infrastructure with traffic, making many websites temporarily inaccessible. The attack led the Princeton team to wonder what would happen if an adversary gained access to a botnet of high-wattage IoT devices within a specific area and turned them on and off to manipulate power demand.
Controlling 600,000 high-wattage devices would “give the adversary the ability to manipulate around 3,000 megawatts of power in an instant,” the equivalent to the output of a large nuclear power plant, said study author Prateek Mittal, an associate professor of electrical engineering. If power demands fluctuate substantially and abruptly, generators, which use automated systems to regulate power flow, will be automatically disconnected from the grid, triggering a large-scale blackout within seconds.
And unlike other threats to the power grid through cyberattacks on supervisory control and data acquisition (SCADA) systems, a manipulation-of-demand attack would not require the adversary to have specific knowledge of a grid’s structure, the researchers said.
So rather than try to protect the grid from such an attack, the team aimed to use algorithms to optimize responses to a power spike. By taking into account the capacity thresholds of transmission lines and the power generation capabilities of a grid, the algorithm computes solutions that redirect power flows and adjust generator activities to prevent line failures.
The researchers tested the performance and computed the operating costs of the algorithms on the New England 39-bus system, a power grid test case that reflects the structures of real power grids. They found that costs might increase of about 6%, but they also would boost a power grid's robustness to an attack that increases demand by 9%.
The likelihood of attacks on the grid by manipulating power demand of IoT devices is low but could increase in the future, according to a National Renewable Energy Laboratory official cited in an August 2019 Government Accountability Office report on cybersecurity risks to the grid. As more high-wattage systems and devices, such as building energy management systems and electric vehicles, are connected to the internet, this kind of attack could become more plausible, especially if vulnerabilities are discovered in the firmware of smart appliances, the official said.
Susan Miller is executive editor at GCN.
Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.
Miller has a BA and MA from West Chester University and did Ph.D. work in English at the University of Delaware.
Connect with Susan at [email protected] or @sjaymiller.