Sunday, March 27, 2011

Hackers could use 'smart meter' technology to undermine the continental power grid / Radiation Dose Chart / What to Do / 'a buzz' in city / Doc Meek / Trial Lawyers Gear Up for Attack

W.E.E.P. News

Wireless Electrical and Electromagnetic Pollution News

28 March 2011

Hackers could use new digital 'smart meter' technology to undermine the continental power grid, security experts warn.

OTTAWA — Hackers are penetrating the national power grid, say industry insiders who want the federal government to act.

"We certainly know from our customers that their systems have been infiltrated. It's been going on for some time," said Doug Westlund, president of N-Dimension Solutions, a Richmond Hill, Ont. cyber security company that works with North American utilities.

"I can't tell you who they are, but they're close to home for sure."

Westlund, whose company is part of a research project sponsored by the United States Department of Energy to protect the emerging digital "smart grid" against cyber attacks, likened the incidents to a covert penetration and reconnaissance of the U.S. system in 2009.

Those cyberspies also reportedly embedded software in utilities' computers that could have disrupted future service. Officials speculate either Russia or China was responsible.

Westlund said the Canadian intrusions appear to have been to navigate the systems and their controls, not to embed malicious codes.

Francis Bradley, of the Canadian Electric Association, said, "we will, at times, see potential attacks," against parts of the grid.

"Intrusion detection systems at the companies will pick up people trying to effectively ping some of the servers. (But) we have not seen a loss of power to customers as a result of a cyber attack."

Security jitters about the interconnected North American power system are deepening as the industry evolves from the largely isolated systems of the electro-mechanical world to a grid built around interoperable, wireless digital technologies. The goal is to optimize generation, transmission and distribution.

The most worrisome change involves tens of millions wireless "smart meters" being installed in homes and businesses for faster, more efficient two-way communications with local utilities, which in turn link to transmission operators and power generators.

"There will be more and greater potential for cyber attack because there will potentially more vectors of attack," said Bradley. "This is real. I see the kinds of resources that companies are putting into this and they would not be devoting the sorts of resources that they are to IT security on an ongoing basis if this was not real. Their response is commensurate with the threat and the response is significant."

But he dismisses shrill claims that the smart grid is shaping up to be dangerously insecure.

"The world was supposed to end with Y2K. There are always people out there who will have that perspective. . . . because it's an unknown."

Yet the digitalization of critical infrastructure is happening in tandem with the weaponization of the web — and governments are responding.

The U.S. has declared its digital infrastructure a strategic asset and made cyber security a national security priority. Britain has made cyber security a top issue in its national security strategy.

Canada last fall unveiled a national cyber security strategy which resembles more of a policy framework than an action plan, with what many consider a paltry $90-million in five-year funding.

But Bradley, who has criticized federal inaction in the past, said the government now seems committed.

"For the first time in many years, at least on the IT-security front, I'm seeing very positive steps being taken by the federal government that I hadn't seen." He declined to elaborate.

News emerged this week that security chiefs in Britain have enlisted Prime Minister David Cameron to press companies responsible for critical national infrastructure, including National Grid, to allow the government's electronic spy agency to keep watch for hackers on their systems.

Bradley, the association's vice-president of policy development, says Canada should do something similar, short of allowing government intelligence agents to patrol the online corporate domains that own and operate an estimated 85 per cent of the nation's critical infrastructure.

"I'm not going to suggest which group or agency should be doing it, but I think somebody has to gather and aggregate that information and draw conclusions about it. There would certainly be benefit to having somebody having access to intrusion-detection logs," he said.

"Is it just happening with relation to electricity or is it happening to banking, is it happening to telecommunications, is it happening to government services? Is it the same tools that are being used, is it the same IP addresses? Is somebody gathering this information and analyzing where these attacks are coming from?

"It's absolutely critical that somebody do this and that should be somebody within the federal government" who goes beyond the limited reach of the existing Canadian Cyber Incident Response Centre, he said.

Westlund, too, says the federal government must step up.

"You can't manage what you can't measure and right now we're not measuring any of this stuff, we're not monitoring it."

Unlike water or gas, electricity cannot be stored; it must be generated and then immediately used. It is the world's most extreme just-in-time commodity.

That means generation and transmission operations must be monitored and controlled constantly, increasingly by hooking up millions of wireless devices across the continent to the Internet, potentially exposing the system to power hackers and other cyber attacks.

Meanwhile, many of the main industrial control systems that regulate breakers, relays, feeders and the flow of electricity have lifespans of up to 25 years and have yet to be replaced. Mitigation and compensation measures to help them mesh with the newer technologies are creating additional weak links and vulnerabilities.

But it is the arrival of smart meters that potentially opens a vast new front of "attack vectors" that could allow sophisticated intruders access into the system — for anything from denial-of-service assaults and identity theft, to stealth attacks on power plants.

Most but the earliest, low-cost smart meter models now have at least basic security features, though utility-sponsored tests in the U.S. have still hacked successfully into some.

Hackers also like limelight. The first one to turn out the lights in Ottawa or Toronto would achieve lasting infamy.

"There's a general consensus amongst my colleagues and most of us in the security business that the smart meter technology has gotten way out in front of the security technology," said Mark Weatherford, chief security officer for the Washington-based North American Electric Reliability Corporation. NERC enforces reliability standards for North America's gigantic and interconnected bulk power system of power generators, transmission lines and control systems.

Though smart meters belong to the distribution side of the grid, Weatherford worries they could be manipulated to unbalance the generating and transmission sides.

For example, a hacker exploiting some common vulnerability in the meters servicing a city could potentially turn off 100,000 or more meters, or "flip" the power on and off, causing the electrical load to "ripple" back through the system, tripping breakers, throwing power plants off-line and possibly frying equipment.

A chill went through the critical infrastructure industry last summer when a malicious computer worm called Stuxnet attacked Iran's uranium enrichment plants.

Stuxnet was the first piece of malware built not only to spy on industrial control systems, but to reprogram them, and reportedly destroyed about 1,000 Iranian centrifuges. Some experts speculate the U.S. or Israel was responsible for the attack.

"Stuxnet without a doubt showed all the vulnerabilities and more that we have in our grid and critical infrastructure system," said Westlund. Stuxnet code is now widely available and, "pieces of it can be repurposed quite easily to attack something closer to home. That's where we see this all heading. From a threat-risk profile it's huge, absolutely huge."

In a speech in Tehran Wednesday, Iranian Brig-Gen. Massoud Jazayeri raised the possibility of retaliatory cyber strikes against the U.S. — and by extension Canadian — power grid.


Radiation Dose Chart



What to Do if a Cell Tower is Proposed in Your Neighborhood

Neighborhood Notes

"If you're going to challenge the antenna going in, it's good to know all the bases you have for opposing it," Cole says. Some cell towers have equipment ...


Smart meter health concerns are causing 'a buzz' in city

By Dan Cassidy Feb 15, 2011

With the Naperville City Council set to vote Tuesday on the bill of rights for the smart grid initiative, some residents still are raising health concerns surrounding the project.

The proposal would put in writing the rights electrical customers in Naperville would have regarding information, privacy, options and data security under the new system.

Proponents of the smart grid say the project, which will upgrade the electrical infrastructure in the city, will lead to more efficient energy use and save money on customers' monthly electric bills.

Some opponents have been concerned about the meter to be used to keep track of energy use at homes and businesses, saying there are still bugs to be worked out. Others have brought up potential health risks involved with the equipment.

Lisa Rooney of Naperville is concerned that the bill of rights "doesn't address health concerns" and that is a "key component that needs to be added."

"If the (meters) are installed and residents experience health concerns, such as headaches ... there doesn't seem to be any recourse," she said.

She said some people seem to be "electro-sensitive," and are affected more than others by the use of wireless technology such as cell phones and other devices. She believes the meters could aggravate those problems.

Sue Storm of Naperville said she has sensitivity to radio frequency transmissions. She said it is almost like an allergy. When she is around the transmissions she can get headaches, ringing in the ears and other symptoms. She is worried about what a new smart meter might mean to her lifestyle. Right now, she has to avoid Wi-Fi hot spots and has everything in her house hard wired. The new meter would make her life even more difficult, she said.

Proponents of the system, however, say the amount of radio frequency current generated by smart meters is relatively low, lower even than cell phones. They also point to several studies, including one from the California Council on Science and Technology, which say that the meters pose no health risk.

Rooney said she understands that there are "so many studies and opinions out there" on both sides of the smart meter issue.

"I think with any emerging technology (such as smart grid) that we should be proceeding with caution, and allow people choices on how much technology they use," she said.

She would like to see residents able to opt out of the system for health and possibly other reasons.

City Councilman Robert Fieseler, who sits on the Smart Grid Steering Committee, said he takes health concerns about the meters seriously as well.

"It is generating a lot of buzz," he said about the issue.

He said customers with health issues should have those matters addressed in some fashion.

"I think the prudent thing to do is to work on mitigation options" for those with concerns, he said. That doesn't mean opting out of the system, he said.

According to Fieseler, the Public Utility Advisory Board may be a venue for people to bring concerns once the system is up and running.

However, although he said he is "open minded" to potential health issues, he believes the weight of evidence shows there to be no significant health or safety concerns from smart meters.

Despite that, he believes the health issue concerning smart meters needs to be discussed.

"I truly believe we need to have this aired," he said.


"Technological marvels can be hazardous to human health." ~ Doc Meek

By Doc Meek

"Independent and reliable research is now cautioning us that even non-ionizing electromagnetic radiation (EMR), such as that emitted by numerous wireless devices now in common use in homes, schools and workplaces, presents serious ...


Trial Lawyers Gear Up for Attack on Cell Phone Industry

24 Corporate Crime Reporter 14, March 27, 2011


Web site e-mail

To sign up for WEEP News: (provide name and e-mail address)

W.E.E.P. – The Canadian initiative to stop Wireless Electrical and Electromagnetic Pollution