Hackers Can Cut the Lights With Rogue Code, Researchers Show

Safety device used for electrical distribution worldwide could be hacked to turn off power, according to cybersecurity experts. From a report: As Ang Cui added more juice to the power grid, overhead electric lines began to glow bright orange. Then, within seconds, the power lines evaporated in a flash of smoke, leaving an entire section of Manhattan in the dark. No actual buildings or people lost power because, luckily, this was just a simulation -- a tabletop diorama of Manhattan complete with tiny copper power lines and the Statue of Liberty relocated to a pared-down Central Park. Cui's colleagues at Red Balloon Security had unleashed a few lines of malicious code that knocked out a computer designed to protect electrical lines. The real-world consequences were unmistakable: hackers could shut off power in parts of the city, an industrial plant or sports stadium by targeting the very systems designed to protect it. "Whew -- need to open a window," said Cui, Red Balloon's chief executive officer and founder, wafting his hands in an effort to clear the smoke swirling around his fourth-floor office. The charred remains of plastic poles were all that was left of the diorama's power lines. Safety devices like the one Cui's team examined are key to the operation and stability of the modern electric grid. Known as protection relays, they cut the power when faults, or abnormal currents, threaten to damage equipment or harm people. Researchers at Red Balloon discovered vulnerabilities on a relay made by the French firm Schneider Electric SE, called the Easergy P5. The company on Tuesday published a software fix for the device, which is not yet for sale in the U.S. A Schneider Electric spokesman said the firm is "extremely vigilant of cyber threats and continually assesses and evolves our products and R&D practices to better protect our offers, and our customers' operations against them." "Upon learning of the vulnerabilities with the Schneider Electric Easergy P5 protection relay, we worked immediately to resolve them," according to the spokesman. "We urge users of the product to follow the guidance we will provide in the Jan. 11 security notification -- which includes a software patch that will address the immediate risk -- as part of our disclosure process. Users should implement general cybersecurity best practices across their operation to protect their systems."

Read more of this story at Slashdot.