Tuesday, April 10, 2012

Former on Current and Future Grid Security Challenges

I've had a dozen or so copies of this article mailed to me in the past 24 hours. It describes attacks against 2009 vintage, semi-Smart Meters in Puerto Rico that appear to have cost the utility, PREPA, quite a bit of money.

The FBI is involved, and you get some good commentary from InGuardians as well as Itron. Security Engineer Robert Former, from the latter, has the best and final word I think:
What you’re hearing is the sound of [a] paradigm shifting without a clutch,” Former said. “Utilities have to be more enterprise security-aware. With these incidents at organizations of any size or age, the first reaction is to cover it up. The thinking is if we keep this kind of thing secret, nobody will find it or exploit it. But for those of us who are inside the industry, and have been at this long enough, the only way we’re going to fix a security problem is to expose it.
Back to the thorny subjects of information sharing and disclosure, not to mention future proofing. Let's keep pushing on all fronts, people. And sorry if all the puns in this post made you tense.