Smart Grid Security | Smart Grid Cyber Security By Falgun Rathod

Falgun Rathod is one of the country's pioneering Information Security & Cyber Crime Consultants. Falgun has solved a number of complex cyber crime cases and has also played an instrumental role in creating awareness about information security and cyber crimes. He is Founder & Director of Cyber Octet Pvt Ltd, a company providing training on Ethical Hacking and Information Security as well as cyber crime consulting.

He has assisted many agencies and companies and has conducted numerous workshops and seminars in colleges on Information Security and Ethical Hacking. He is also a member of OWASP (Open Web Application Security Project), invited member at ICTTF (International Cyber Threat Task Force), CSFI (Cyber Security Forum Initiative), DSCI (Data Security Council of India). He is also an invited article writer at PenTest Magazine, based in Poland. He was featured on the cover page of the March 2012 issue of PenTest Mag.

Cyber Crime Investigation and Consulting

275+ cyber crime cases solved, including some complex cases across India, the US and Germany, providing assistance from incident response, investigation and forensic analysis to consulting on legal aspects.

Vulnerability Assessment and Penetration Testing

20+ successful clients, domestic and international, for network, web application and mobile vulnerability assessment and penetration testing services.

Ethical Hacking and Cyber Security Training

8000+ students trained and certified, with more to come. Providing basic, advanced and customised training curricula for students, institutes, corporates and government.


Smart Grid Security by Falgun Rathod


  1.  SMART GRID SECURITY
  2.  Who am I? Falgun Rathod: A Security Researcher; An Investigator; Managing Director & Founder – Cyber Octet (P) Ltd.; Co-Chairman – PR Group of Companies (Cyber Octet (P) Ltd. (IT & Security) & Elecorev Technologies (P) Ltd. (Electronics & AI))
  3.  SCADA
  4.  Automated Metering Infra
  5. What's a "Smart Grid?" Smart Grid is a developing network of new technologies, equipment, and controls working together to respond immediately to our 21st century demand for electricity.
  6. What's a "Smart Grid?"
  7.  Smart Grid
  8. GAO Report – Released January 2011
  9.  Another View – Smart Grid Communications Network (SGCN) [diagram; section captions: "Guided By…", "Results…", "Supported By…"; recoverable labels: Sensors; Regulatory Policy and Rule-making; Grid Control; Enhanced Flexibility & Control; Plug In Electric Hybrid Vehicles; Congestion Management; Distributed and Renewable Energy; Energy Efficiency; Demand Response; Data, Analytics, and Information; Smart Meters and Communications; Security; Generation; Custom Applications; Enterprise Integration]
  10. Evolution of Electrical Utility Risks
      - PAST: HARD-WIRED CONTROL
          - Most controls are "hard wired" AND require manual intervention
          - Lesser public availability of RF devices
          - Little capability for damage to or financial benefit from RF attacks
          - Cost-plus charging – "If we need it, we'll do it! If we can't do it, we'll buy it!"
          - Clear regulatory and financial landscape
      - PRESENT: SCADA / RF ENABLED
          - Intense financial pressure to reduce staffing; hence more "remote" RF
          - Computerization and RF control common in all industries
          - Project implementation excellence not always followed by outstanding security operations
          - SCADA hacking can cause "wholesale" damage to neighborhoods and equipment
          - Uncertain regulatory, audit, and liability landscape
      - NEAR FUTURE: SMART GRID / RF PERVASIVE
          - Control inside-the-home of all appliances
          - Wide use of 802.x, ZigBee, X10 methodologies
          - Uncertain Software Provenance, Packaged Code and Offshore Development
          - Zero-Day Attacks
          - Increased organized crime/terrorist focus
          - Potential for damage to, and "net" theft by, every customer
          - Revenue/Risk Asymmetry for each customer
          - Transition to IP and Windows "Monoculture" for RF devices
          - Increased public and regulatory Scrutiny
  11. GRIDS can be Hacked
  12. Overview of Cyber Security – Threats [diagram labels: Admin, Operator, Acct, Internet, Master DB, Slave Database, RTU; "Send e-mail with malware", "Opens Email with Malware", "Perform ARP Scan", "SQL EXEC"]
      1. Hacker sends an e-mail with malware
      2. E-mail recipient opens the e-mail and the malware gets installed quietly
      3. Using the information that malware gets, hacker is able to take control of the e-mail recipient's PC!
      4. Hacker performs an ARP (Address Resolution Protocol) Scan
      5. Once the Slave Database is found, hacker sends an SQL EXEC command
      6. Performs another ARP Scan
      7. Takes control of RTU
      Example from 2006 SANS SCADA Security Summit, INL
  13. Overview of Cyber Security – Threats: Cyber Penetration [diagram labels: Attacker Controls the Head End; Attacker Performs Remote Disconnect; Communications Network (WAN); AMCC (Advanced Metering Control Computer); Retailers; 3rd Parties; AMI WAN; Data Management Systems (MDM/R)] Example from AMRA Webinar, Nov '06 "The Active Attacker"
  14. Cyber Security Challenges
      - The challenge is complex and continuously changing
      - Legacy systems need to be protected
      - Number and geographic location of end points
      - Relationship to physical security
      - Systems are 7x24 and critical
      - The human element / social engineering
  15. Cyber Solutions - Defense in Depth
      - Perimeter Protection: Firewall, IPS, VPN, AV; Host IDS, Host AV; DMZ; Physical Security
      - Interior Security: Firewall, IDS, VPN, AV; Host IDS, Host AV; IEEE P1711 (Serial Connections); NAC; Scanning
      - Monitoring
      - Management
      - Processes
      - Abbreviations: IDS = Intrusion Detection System; IPS = Intrusion Prevention System; DMZ = DeMilitarized Zone; VPN = Virtual Private Network (encrypted); AV = Anti-Virus (anti-malware); NAC = Network Admission Control
  16. “LAYERS” OF CONCERN
  17. Physical Layer Security
      - Natural Disasters: Snow Storms, Hurricanes, Solar Flares, Geomagnetic Storms, Earthquakes, Flooding, Volcanoes
      - Recognize that Location of the Smart Grid Components Can Be Affected by the Surrounding Environment
  18. Physical Layer Security (2)
      - Steal the Meters – Sell the Devices
      - RESPONSE: METER "LAST GASP" ALERTS WHEN DISCONNECTED
  19. Physical Layer Security (3)
      - Tamper with the Meter
          - Cause Meter to Stop Reading - Disconnect
          - Cause Meter to Mis-Read (or Reverse)
          - Inject Malware
          - Modify Encryption
          - Modify Authentication Mechanism
      - July 2009 – Black Hat Conference
      - IOActive, Seattle InfoSec Firm
      - Proof of Concept – 24 Hours Caused 15,000 of 22,000 Home Smart Meters Taken Over by Malware/Worm
  20.  Physical & Cyber
      - Opening the Meter
      - Accessing Exposed Ports and Connectors
      - Intercept Data Between Microcontroller and Radio
      - Infrared Port Attack/Hack
  21. Cyber Layer Security
      - The Biggest Opportunity for Trouble
      - "The Last Mile" Issues
      - Remember – Added Complexity Causes Concerns
  22. "Last Mile"
      - Broadband Power Line Systems
      - Power Line Carrier Systems
      - Public Switched Telephone Network (PSTN)
      - Cat5/6 Network Connection
      - Radio Frequency: WiMax, ZigBee, 6LoWPAN, 802.11x, Cellular (CDMA/EVDO, GSM, LTE)
  23.  Cyber Attacks: Remember C I A
      - Confidentiality Attacks: Reading, "Sniffing" the data
      - Integrity Attacks: Changing the Data
      - Availability Attacks: Denial of Service – Prevent Use of Service
  24. Confidentiality Attacks
      - Buffer Overflow
          - Inject Data that is too "Big" for the Meter/System
          - Predominantly Caused by Bad Software Development
      - Snooping / Sniffing
          - Reading / Capturing the Data between Meter and Collector and Vice Versa
          - Also Internal to Meter Between Microcontroller and Radio
          - A Reason for Encryption – "Cleartext is Bad"
      - Hacking the Encryption
          - Some Protocols Easy to Break
          - Causes – Weak Keys, Weak Protocols, Weak Initialization Vectors
      - Man-in-Middle Attack
      - "Bit Flipping" Attacks (Weak Integrity Functions)
      - Breaking Into Password Storage on Devices
      - "Race Condition" Exploits
          - A race condition is of interest to a hacker when the race condition can be utilized to gain privileged system access.
  25. Integrity Attacks
      - Key: Change the Data
      - Replay Attacks (Man-in-the-Middle)
      - Why?
          - Change the Bill (Up or Down)
          - Modify Usage Data
          - Use Data for Fraud
          - Use as Alias – "Gee Officer, I wasn't home that night!"
  26. Storage Considerations
      - Costs for More Data Centers and Storage
      - Error Handling
      - Data Analytics and Business Intelligence Resources
      - Security of Data – Static and Dynamic… Stored or in Transit
      - Privacy of Data – Consider EU Privacy Laws
      - Consumer Education Requirements
      - Auditing, Reporting, Regulatory Impacts
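
Slides 24 and 25 name "bit flipping" against weak integrity functions and replay of captured meter data as ways to change a bill. The following is an added example, not part of the original slides, of how a collector can reject both: each reading carries an HMAC-SHA256 tag and a per-meter counter. The frame layout, key, and all names are assumptions for illustration, not a real AMI protocol.

```python
import hashlib
import hmac
import struct

# Constructed demo key; a real deployment would provision a unique key per meter.
KEY = b"constructed-demo-key"
BODY = struct.Struct(">IQQ")  # hypothetical layout: meter id, counter, reading (Wh)
TAG_LEN = hashlib.sha256().digest_size


def pack_reading(meter_id, counter, reading_wh, key=KEY):
    """Meter side: serialize the reading and append an HMAC-SHA256 tag."""
    body = BODY.pack(meter_id, counter, reading_wh)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Collector:
    """Collector side: check the tag first, then require a strictly newer counter."""

    def __init__(self, key=KEY):
        self.key = key
        self.last_counter = {}  # meter id -> highest counter accepted so far

    def accept(self, frame):
        if len(frame) != BODY.size + TAG_LEN:
            return ("reject", "bad length")
        body, tag = frame[:BODY.size], frame[BODY.size:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return ("reject", "bad tag")
        meter_id, counter, reading_wh = BODY.unpack(body)
        if counter <= self.last_counter.get(meter_id, -1):
            return ("reject", "replay")
        self.last_counter[meter_id] = counter
        return ("accept", reading_wh)


def demo():
    collector = Collector()
    frame = pack_reading(meter_id=1001, counter=1, reading_wh=523_400)
    flipped = bytearray(frame)
    flipped[BODY.size - 1] ^= 0x01  # constructed tampering: one bit of the reading
    return [
        collector.accept(frame),                           # genuine frame
        collector.accept(bytes(flipped)),                  # altered in transit
        collector.accept(frame),                           # captured frame sent again
        collector.accept(pack_reading(1001, 2, 524_100)),  # next genuine frame
    ]
```

The counter is checked only after the tag verifies, so a forged frame cannot advance the stored counter and lock out the genuine meter.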

