Last November, Felix Lindner came very close to shutting down the power supply of Ettlingen, a town of almost 40,000 people in the south of Germany.
“We could have switched off everything: power, water, gas,” Lindner, head of Berlin-based Recurity Labs, an IT security company, said.
Fortunately for residents, Lindner’s cyber attack on its energy utility, Stadtwerke Ettlingen, was simulated. But he revealed how easy it was to hack into the utility’s network through its IT grid, which gave him access to its control room.
“The experiment has shown that sensitive, critical infrastructure is not sufficiently protected,” said Eberhard Oehler, managing director of the utility, Stadtwerke Ettlingen.
Cyber attacks on infrastructure have become a major worry for utilities following the 2010 Stuxnet computer virus, which experts believe was used by Israel and the United States to make some of Iran’s nuclear centrifuges tear themselves apart.
The threat has been reinforced in recent months by the appearance of a computer virus known as the Havex Trojan, which hackers appear to have used to attack oil and gas firms.
Traditionally, energy utilities have kept infrastructure like power plants safe from cyber attack by keeping it separate from the open Internet.
But that is rapidly changing as a new generation of “smart” power meters hooks up customers to their utilities through the web, and new forms of solar and wind microgeneration supplement traditional centralized power stations.
“The risk is being underestimated outside of the industry,” Oehler said.
Continue reading: BUSINESS WORLD – Smart tech leaves us more open to hacker.