Emerging Threats: The Smart Home and Smart Grid Stuxnet

Emerging Threats: The Smart Home and Smart Grid Stuxnet

This post is also available in: heעברית (Hebrew)

19619738_sThe current concern for both privacy advocates and counterintelligence is that smart homes and smart appliances can be used to gather information about their environment and their users. While this threat is still emerging, a greater one looms on the horizon.  Smart homes and smart appliances are theoretically vulnerable to Stuxnet-like malware which can result in costly damages, or even injuries and fatalities.

Scenario 1:  The Simple Shutdown

According to Nat Sec Geek this is one of the best case scenarios for smart home malware.  In this instance, the affected smart devices simply shut down and will not turn back on.  Hot water heaters stop heating water, central air shuts down, fridges shut down and garage doors refuse to open.  While this would be disruptive for affected homes, it’s impact would be greatly magnified for corporate buildings, which are more likely to incorporate networked smart appliances.  The corporate office (or factory!) without central air would suffer a huge loss in morale, if not becoming outright unusable.  Restaurants would be devastated to find that their refrigeration units had stopped working overnight, and hotels would find themselves refunding clients who were unwilling to tolerate the climate control failure.

This would be the simplest to design and deploy, but thankfully also the simplest to repair.  It is possible the damage might not be reversible through a remote upgrade, but an on-site tech would be able to quickly restore the smart building to working order.

Scenario 2:  “Bricking” The Smart Devices

This scenario is similar to the first one, with the exception that the devices cannot be repaired.  The malware has caused some kind of damage that forces the device to be partially or entirely replaced, essentially turning it into a giant brick made of electronics.  The damage is both much more expensive and time consuming to repair, resulting in greater loses and disruptions for home users and businesses.  The Siemens (IW 1000/34) Electronic Works smart facility in Amberg, Germany fully exploits “smart” technology – if it were affected by malware as part of an economic and cyber war, the company would suffer considerable loses.

www.i-hls.com

Scenario 3:  Subtle Sabotage

Do you really want them to see everything?
Do you really want them to see everything?

The third scenario is the first one that can truly be compared to Stuxnet in terms of the ingenuity and complexity involved.  The malware in this scenario would target smart factories like the one in Amberg, but rather than cause the machines to stop working, part of the process is subtly sabotaged.  This would require an in-depth understanding of how the facility works, and what the quality control processes are.  This information could be obtained by any sufficiently motivated terrorist, government or corporate espionage organization.  The malware corrupts the construction process in some way so that the constructed devices are more likely not to work at all or to fail over time.  This can both erode consumer and investor confidence in a company and force the company into an expensive recall.

Scenario 4:  War and Electrical Mayhem

Smart grids are incredibly vulnerable to exploitation by cyber-oriented criminals and terrorists.  The true nightmare scenario would involve the electrical grid being struck by a piece of Stuxnet-like malware as the opening volley in a war against the United States, causing disruptions and confusion during the critical early moments of an international confrontation or while responding to a physical terrorist attack.  The best case version of this scenario would only see electricity cut off to major cities.  Government and emergency centers would be forced onto backup power supplies, while most businesses would be unable to function and homes were plunged into darkness.

In the worst case version of this scenario, the local electrical grid is not merely disabled, but weaponized.  The control centers of the grid would be taken over, causing electrical surges to be send to different buildings and different parts of the grid, resulting in overcurrent and overload of the electrical system and the wires itself.  Fuses are blown, circuits are tripped, and wires risk overheating and starting a fire.  Not only would this be an extremely disruptive prelude to an attack, it would be a cue allowing attackers to simultaneously launch their attacks at the moment of maximum vulnerability.

This may be the type of cyber-weapon that the Russian Business Network is rumored to be helping Iran develop.  This type of cyber-weapon is known to have been developed and deployed, but thankfully detected and neutralized before activation.

BcpIT650x90