A vulnerability that lets hackers cut off power is found in safety devices used in power distribution equipment around the world



Ang Cui, CEO of Internet security company Red Balloon Security, points out that computers used to protect wires in power distribution equipment around the world are vulnerable to hacking.

Researchers Show How Hackers Can Cut the Lights With Rogue Code --Bloomberg
https://www.bloomberg.com/news/articles/2022-01-11/researchers-show-how-hackers-can-cut-the-lights-with-rogue-code

The Red Balloon Security team, led by CEO Cui, investigated safety devices that are key to operational stability in modern power grids. This safety device, known as a 'protection relay,' prevents damage to the power distribution equipment by shutting it off when an abnormal current flows through it.

When Red Balloon Security investigated protection relays, it found a vulnerability in a protection relay called 'Easergy P5' made by Schneider Electric, a global electrical equipment manufacturer in France. Schneider Electric has already been notified of the vulnerability, and the company has released a software patch.

The security team claims that the vulnerability made it possible to hack the Easergy P5 and remotely shut down the power grid. In addition, if multiple Easergy P5s are attacked at the same time, a long power outage may occur, CEO Cui said.



A Schneider Electric spokeswoman said, 'After recognizing the vulnerability in Easergy P5, we immediately worked to fix the problem.' The statement continues: 'A security notice was issued to product users on January 11 as part of the disclosure process. We recommend that you follow the guidance on the issue (including software patches to address the issue). To protect your system, you must implement general cybersecurity best practices throughout your operations.'

Red Balloon Security is also investigating protection relays from vendors other than Schneider Electric, but said that no serious problems were found. Speaking of flaws in remotely accessible computer networks, Cui said, 'It can be used for cyberweapons that have very realistic physical impacts.' 'Vendors need to take a much better approach to security; specifically, they need to incorporate robust security into their firmware,' he said, adding that more security measures are needed.

Meanwhile, Chris Sistrunk, technical manager of cybersecurity firm Mandiant, warned that risks should not be exaggerated: if a protection relay like the Easergy P5 fails, the affected customer's power can be restored within hours.



Note that protection relays like the Easergy P5 are usually behind a network firewall and are not directly connected to the public Internet, so they are 'protected' to some extent. However, advanced hackers can find ways to ultimately access protected devices by exploiting network misconfigurations and bypassing physical barriers, which is why more security is needed.

in Security, Posted by logu_ii