• Nik282000@lemmy.ca
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    SCADA attacks aren’t really necessary any more, those systems are (usually) locked down and obscure. The new hottness is smart home attacks!

    If an attacker got control of one or more “smart” device networks they could geographically correlate devices and then cause local imbalances in the grid. Turning on all the vulnerable appliances in one area while turning them off somewhere else will cause HUGE transient currents as generation from the low use area is sent to the high use area. Just as things are about to stabilize you reverse the whole thing. If the attack is kept up for long enough or the shifting load is big enough damage could be done to the transformers and lines that tie one area to another and eventually generating equipment will have to be taken offline until thing’s settle down.

    If the attacker is really clever they could gently probe the grid with a small load change to figure out the rate at which it responds and then get it oscillating! A much smaller number of devices could be used to do that.

    • Sonori@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      All residential use only comes to 21% of US electrical demand, and while 46% of that is in the form of increasing internet connected heating and air conditioning, most such systems compressor motors have protections to prevent short cycleing, albeit mostly in software. Your also never going to be able to control them on anything approaching grid frequency, with most of them taking seconds to react even if you could sync time between them that accurately. I think you may be underestimating the amount of inertia in the grid, especially that of industrial customers.

      It’s also worth noting that grid operators are going to notice such an attack very quickly, and can again temporarily shed load in the most vulnerable areas, cutting them off from the network.

      Finally, sudden large spikes in transmission lines are indistinguishable from a ground fault to most contactors and grid protection devices, so most of them would shut down all on their own if they were close to overloading. Similarly, large transformers do have thermal cutoffs, and overheating them would be the main risk to them in such an attack, as unlike an EMP or lightning strike such an attack would be unable to spike grid voltage nearly high enough to lead to dielectric breakdown.

      In the end, while I could see an nation state actor causeing an outage this way, I don’t see it keeping anyone but residental customers offline for more than a few hours. Even then the short term solution would be to get most of the people to disconnect their AC’s breaker if it’s acting up.

      Highly disruptive and potentially fatal if done during the worst of winter yes, but to the point FEMA and the Military are staring to run out of MREs no.