WikiLeaks and Stuxnet - Smart Grid Wakeup Calls

By Jon Arnold (ICP) December 02, 2010

The past couple of weeks have been pretty seminal for anyone concerned about the state of Internet security and the bigger picture as to how much we could – do – and should – trust the Web. These two strange words – WikiLeaks and Stuxnet – have suddenly entered our lexicon and there is a lot to be concerned about in the world of smart grid.

WikiLeaks has garnered more attention simply due to its scale and breadth of coverage. By exposing the unvarnished realities of global politics using the very tools that diplomats assumed would protect them, they make the security issues around social networking sites like Facebook seem trivial. The very fate of the free world rests in the hands of a few, and with some simple keystrokes, WikiLeaks has laid human nature bare for everyone to see. The intended effects have been achieved, not just by embarrassing the upper echelons of power, but by showing how vulnerable the Web can be.

By the way, I am in no way trying to minimize the privacy issues around Facebook. They are equally troubling giving how popular these sites are, and while Facebook serves far less noble purposes, they also show how fragile trust and privacy really are in the Internet world. WikiLeaks has far deeper consequences, but whether the players are highbrow or lowbrow, a great deal of collaborative activity can be quickly undone by a handful of clever and determined people.

Stuxnet is far more sinister, but given its most public incarnation, the lines between good and evil are less clear. Pretty much everyone in both the West and Arab world wants to stop Iran from acquiring nuclear power. No country has more to lose than Israel, and all the players know that Iran cannot practically be stopped from outside-in. Attempts to physically bomb these reactors as the Israelis bravely did in 1981 would be folly now, as Iran has learned its lesson from Osirak. Without veering into a geopolitical narrative, I’ll just say that the smarter way to go is from the inside-out, and that’s where Stuxnet comes in. It’s quite brilliant, really, and coming back to the good versus evil debate, the desired results can be achieved this way without loss of life or messy mass destruction.

In its native state, technology of course is amoral, and simply follows instructions. Stuxnet and WikiLeaks are great examples of this, and serve as timely flashpoints for smart grid. Whether good or evil intentions, they show the fragile state of Internet and software security. So many aspects of our lives depend on these elements, and until a major breach happens, we don’t realize how much we take these things for granted. In some ways, they are as basic to modern life as simple necessities like water, and look how easy it is to compromise our water supply. If you favor chemical or biological warfare, water is a very easy target, and could quickly bring our world to a standstill in a worst-case scenario. Software or Internet sabotage is no different – there is always someone out there smart enough and/or evil/angry enough to use these as vehicles to achieve a desired outcome.

This brings me to smart grid. After water and oxygen, energy is the most important life force for the modern world, and as smart grid evolves, software and the Web will play an increasingly central role. Just like we don’t build huge fences around every source of water, we don’t normally think of power stations as targets for attack. Of course, this thinking is prevalent in the telecom world, but as voice moves deeper into IP, all kinds of new vulnerabilities arise. Smart grid is on the same path, and as we’ve seen now with Stuxnet and WikiLeaks, threats can come from some very unlikely places.

Historically, power producers haven’t had much to worry about, as most energy generation has been local. Efforts to destabilize or incapacitate electricity would typically be on a small scale, and that doesn’t provide much leverage for someone looking to gain something. Smart grid, however, sets the stage for something grander, especially if the vision of a U.S. national grid is achieved. Clearly, the more centralized the grid becomes, the more attractive it is as a target. The power grid cannot be made redundant in the spirit of Arpanet, which was designed for this very purpose (to survive a nuclear holocaust).

I’m not a security expert, but the proximity of these two recent events – Stuxnet and WikiLeaks – should make these concerns a pressing issue for utilities. For starters, security cannot be minimized or assumed, and to protect yourself from the malicious doings, you have to think maliciously and expect that these forces are out there. Waiting to develop security safeguards only after a malicious event is not a winning strategy, especially for such costly infrastructure as smart grid. While smart grid offers great upside for utilities, there is a lot of new risk as well, and to mitigate that they should be probing Stuxnet and WikiLeaks for lessons learned any way they can.

Jon Arnold is co-founder of Intelligent Communications Partners (ICP), a strategic advisory consultancy focused on the emerging Smart Grid opportunity. To read more of his Smart Grid articles, please visit his columnist page.

Edited by Erin Monda

Founder, Intelligent Communications Partners

Related Articles

Columbia is the First Latin American Country to See Its Electric Grid Optimization Platform Go Live

By: Joe Rizzo    8/3/2015

Hydroelectricity is the most widely used form of renewable energy. The term refers to electricity generated by the use of the gravitational force of f…

Read More

An Open Letter to John Legere: 33,000 net-deactivations in Q2? How?

By: James Brehm    7/30/2015

In the last 24 hours, we have had countless people asking, "What in the world is going on at T-Mobile?" This is in response to T-Mobile's early press …

Read More

Brazil: Latin America's Largest M2M Market

By: Tara Seals    7/30/2015

Machine-to-machine connections are expected to make up a significant portion of overall Internet of Things (IoT)-related wireless connections going fo…

Read More

Industrial IoT Tech Drives Incredible Production, Creates Potential Problem

By: Ken Briodagh    7/28/2015

Chinese IoT company Jiangxi Outrace Technology has deployed M2M technology to enhance production capacity at an LED lighting facility, and also cut th…

Read More

How to Select the LPWAN Strategy for You

By: TMCnet Special Guest    7/24/2015

When selecting the LPWAN strategy several aspects need to be taken into account.

Read More