Skip to main content

Open Source Intelligence for Energy Sector Cyberattacks

Part of the Advanced Sciences and Technologies for Security Applications book series (ASTSA)

Abstract

In March 2018, the U.S. DHS and the FBI issued a joint critical alert (TA18-074A) of an ongoing campaign by Russian threat actors targeting U.S. government entities and critical infrastructure sectors. The campaign targets critical infrastructure organizations mainly in the energy sector and uses, among other techniques, Open Source Intelligence (OSINT) to extract information. In an effort to understand the extent and quality of information that can be collected with OSINT, we shadow the threat actors and explore publicly available resources that can generate intelligence pertinent to power systems worldwide. We undertake a case study of a real, large-scale power system, where we leverage OSINT resources to construct the power system model, validate it, and finally process it for identifying its critical locations. Our goal is to demonstrate the feasibility of conducting elaborate studies leveraging public resources, and inform power system stakeholders in assessing the risks of releasing critical information to the public.

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-00024-0_14
  • Chapter length: 21 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   119.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-00024-0
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Hardcover Book
USD   159.99
Price excludes VAT (USA)
Fig. 1
Fig. 2
Fig. 3

Notes

  1. 1.

    OSINT refers to data and information passively collected and analyzed from publicly available sources. It is not related to open source software.

References

  1. Bangladesh power cut plunges millions into darkness. http://reuters.com

  2. Binwalk firmware analysis tool. https://github.com/ReFirmLabs

  3. Blackout watch: Brazilian blackout 2009. http://pacw.org

  4. Embedded device hacking. http://devttys0.com

  5. European network of TSOs for electricity. http://entsoe.eu

  6. How an entire nation became Russia’s testlab for cyberwar. http://wired.com

  7. India Northern Regional Load Despatch Centre. http://nrldc.in

  8. Industrial Control Systems Cyber Emergency Response Team. http://ics-cert.us-cert.gov

  9. International energy statistics (2017). http://eia.gov

  10. Map of PMUs with synchrophasor data flows in North America. http://naspi.org

  11. National Vulnerability Database. http://nvd.nist.gov

  12. Network data of real transmission networks (2013). http://maths.ed.ac.uk

  13. Open energy information. http://openei.org

  14. Open power system data platform. http://open-power-system-data.org

  15. Rebels tied to blackout across most of Pakistan. http://nytimes.com

  16. Shodan search engine. http://shodan.io

  17. U.K. Electricity Ten Year Statement 2016. http://nationalgrid.com

  18. Ukraine’s power outage was a cyber attack: Ukrenergo. http://reuters.com

  19. Abraham S, Efford JR (2004) Final report on the August 14, 2003 blackout in the U.S. and Canada. Technical report, Power System Outage Task Force

    Google Scholar 

  20. Alonso F, Greenwell C (2016) Underground vs. Overhead: power line installation-cost comparison and mitigation. Electr. Light Power 22

    Google Scholar 

  21. Bakshi S (2012) Report of the enquiry committee on grid disturbance in Northern region on 30th July 2012 and in Northern, Eastern & North-Eastern region on 31st July 2012. Technical report, Indian Ministry of Power

    Google Scholar 

  22. Bernstein A, Bienstock D, Hay D, Uzunoglu M, Zussman G (2014) Power grid vulnerability to geographically correlated failures – analysis and control implications. In: IEEE INFOCOM 2014 – IEEE conference on computer communications, pp 2634–2642. https://doi.org/10.1109/INFOCOM.2014.6848211

  23. Campbell RJ (2012) Weather-related power outages and electric system resiliency. Technical report, Congressional Research Service

    Google Scholar 

  24. Davis CM, Overbye TJ (2011) Multiple element contingency screening. Trans Power Syst 26(3):1294–1301

    CrossRef  Google Scholar 

  25. Davis C, Chmieliauskas A, Nikolic I (2015) Enipedia. Energy & Industry group, Faculty of Technology, Policy and Management, TU Delft

    Google Scholar 

  26. Durumeric Z, Wustrow E, Alex Halderman J (2013) ZMap: fast internet-wide scanning and its security applications. In: Presented as part of the 22nd USENIX security symposium (USENIX Security 13), Washington, DC. USENIX, pp 605–620. https://www.usenix.org/conference/usenixsecurity13/technical-sessions/paper/durumeric,ISBN:978-1-931971-03-4

    Google Scholar 

  27. Eaton: Blackout tracker (2017) United States annual report 2016

    Google Scholar 

  28. Eles: Slovenia’s transmission network: annual report 2015. http://eles.si

  29. Elia: Belgium electrical transmission network: annual report 2016. http://elia.be

  30. Fachkha C, Bou-Harb E, Keliris A, Memon N, Ahamad M (2017) Internet-scale probing of CPS: inference, characterization and orchestration analysis. In: Proceedings of the 24th network and distributed system security symposium (NDSS’17), San Diego, Feb 2017

    Google Scholar 

  31. Gharavi H, Ghafurian R (2011) Smart grid: the electric energy system of the future. In: Proceedings of the IEEE. IEEE, Piscataway

    Google Scholar 

  32. Grainger J, Grainger W, Stevenson W (1994) Power system analysis. McGraw-Hill Education, New York

    Google Scholar 

  33. Igure VM, Laughter SA, Williams RD (2006) Security issues in SCADA networks. Comput Secur 25(7):498–506

    CrossRef  Google Scholar 

  34. International Society of Automation (2018) ANSI/ISA 62443 security for industrial automation and control systems. ISA

    Google Scholar 

  35. Kaplunovich P, Turitsyn K (2016) Fast and reliable screening of N-2 contingencies. Trans Power Syst 31(6):4243–4252

    CrossRef  Google Scholar 

  36. Keliris A, Maniatakos M (2016) Remote field device fingerprinting using device-specific modbus information. In: 2016 IEEE 59th international Midwest symposium on circuits and systems (MWSCAS), pp 1–4. https://doi.org/10.1109/MWSCAS.2016.7870006

  37. Keliris A, Maniatakos M (2017) Demystifying advanced persistent threats for industrial control systems. ASME Mech Eng 139(03):S13–S17. https://doi.org/10.1115/1.2017-Mar-6

    CrossRef  Google Scholar 

  38. Knake R (2017) A cyberattack on the U.S. power grid. Contingency planning memorandum, vol 31. Council on Foreign Relations. https://www.cfr.org/report/cyberattack-us-power-grid.3Apr2017

  39. Konstantinou C, Maniatakos M (2015) Impact of firmware modification attacks on power systems field devices. In: International Conference on Smart Grid Communications. IEEE, pp 283–288. https://doi.org/10.1109/SmartGridComm.2015.7436314

    Google Scholar 

  40. Konstantinou C, Maniatakos M (2017) Security analysis of smart grid. Commun Control Secur Challenges Smart Grid 2:451

    Google Scholar 

  41. Langner R (2011) Stuxnet: dissecting a cyberwarfare weapon. Secur Priv 9(3):49–51

    CrossRef  Google Scholar 

  42. Lee RM, Assante MJ, Conway T (2016) Analysis of the cyber attack on the Ukrainian power grid. Technical report, SANS Industrial Control Systems

    Google Scholar 

  43. Momoh J, Mili L (2009) Economic market design and planning for electric power systems, vol 52. Wiley, Hoboken

    CrossRef  Google Scholar 

  44. Morison K, Wang L, Kundur P (2004) Power system security assessment. Power Energy Mag 2(5):30–39

    CrossRef  Google Scholar 

  45. NERC: Disturbance Reports 1992–2009

    Google Scholar 

  46. NERC (2009) FAC-011-2: system operating limits methodology for the operations horizon

    Google Scholar 

  47. OpenStreetMap: Power networks. http://openstreetmap.org

  48. Orebaugh A, Ramirez G, Beale J (2006) Wireshark & Ethereal network protocol analyzer toolkit. Syngress, Rockland

    Google Scholar 

  49. Pajic S (2007) Power system state estimation and contingency constrained optimal power flow: a numerically robust implementation. Worcester Polytechnic Institute

    Google Scholar 

  50. Project Group Turkey (2015) Report on blackout in Turkey on 31st March 2015. Technical report, European Network of Transmission System Operators for Electricity

    Google Scholar 

  51. ProSoft Technology: Power success stories. http://prosoft-technology.com

  52. Reimann J, Rose J (2015) Eclipse SCADA: the definite guide

    Google Scholar 

  53. Roland Berger (2014) Study regarding grid infrastructure development: European strategy for raising public acceptance. Technical report, European Commission Tender No. ENER/B1/2013/371

    Google Scholar 

  54. SCADA Innovations: Success stories. http://scadainnovations.com

  55. Siemens: High voltage substation references. http://energy.siemens.com

  56. Stott B, Alsac O, Alvarado F (1985) Analytical and computational improvements in performance-index ranking algorithms for networks. Int J Electr Power Energy Syst 7(3): 154–160

    CrossRef  Google Scholar 

  57. Stouffer K, Falco J, Scarfone K (2011) Guide to industrial control systems security. NIST Spec Publ 800(82):16

    Google Scholar 

  58. Symantec: Dragonfly: Western energy sector targeted by sophisticated attack group. http://symantec.com

  59. Technavio: Global smart grid transmission and distribution equipment market 2016–2020. http://technavio.com

  60. Turitsyn KS, Kaplunovich PA (2013) Fast algorithm for N-2 contingency problem. In: 46th Hawaii international conference on system sciences (HICSS). IEEE, pp 2161–2166. https://doi.org/10.1109/HICSS.2013.233

  61. U.S. DHS and FBI: US-CERT: advanced persistent threat activity targeting energy and other critical infrastructure sectors. http://us-cert.gov/ncas/alerts/TA18-074A

  62. Zachariadis T, Poullikkas A (2012) The costs of power outages: a case study from Cyprus. Energy Policy 51(Supplement C):630–641

    CrossRef  Google Scholar 

  63. Zimmerman RD, Murillo-Sánchez CE, Thomas RJ (2011) MATPOWER: steady-state operations, planning, and analysis tools for power systems research and education. Trans Power Syst 26(1):12–19

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Anastasis Keliris .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this chapter

Verify currency and authenticity via CrossMark

Cite this chapter

Keliris, A., Konstantinou, C., Sazos, M., Maniatakos, M. (2019). Open Source Intelligence for Energy Sector Cyberattacks. In: Gritzalis, D., Theocharidou, M., Stergiopoulos, G. (eds) Critical Infrastructure Security and Resilience. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-00024-0_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-00024-0_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-00023-3

  • Online ISBN: 978-3-030-00024-0

  • eBook Packages: Computer ScienceComputer Science (R0)