Breaking News, World News and Taiwan News.

Updated Wednesday, July 29, 2009 10:43 am TWN, By Brian Krebs, The Washington Post

Sponsors
▪	Save 75% for all hotels in Shanghai, Beijing and whole China. Lowest rates for Flights in China.
▪	Get the best deals for Guangzhou Hotels or choose from more than 10,000 hotels in 499 Chinese cities.
▪	Find great real time deals on China Flights. Book flights to China or China domestic flights 24/7.
▪	Buy china wholesale products from reliable chinese wholesalers on DHgate.com!

'Smart' U.S. power grid raises hacking security concerns

WASHINGTON -- Electric utilities vying for US$3.9 billion in new federal “smart-grid” grants will need to prove that they are taking steps to prevent cyber attacks as they move to link nearly all elements of the U.S. power grid to the public Internet.

The requirements from the Department of Energy come amid mounting concern from security experts that many existing smart-grid efforts do not have sufficient built-in protections against computer hacking, such as new “smart meters” that put information about consumers' power use onto the Internet, grid-management software and other equipment.

The smart-grid spending in the federal stimulus package is intended to create jobs and improve the efficiency and reliability of the electricity grid by lowering peak demand, reducing energy consumption, integrating more renewable energy sources and easing the pressure to build new coal-fired power plants.

Many of those efficiency gains will be made possible by new technology being built on top of the existing power grid, such as smart meters, which provide real-time feedback on power consumption patterns and levels. An estimated 8 million smart meters are used in the United States today, and more than 50 million more could be installed in at least two dozen states over the next five years, according to the Edison Foundation's Institute for Electric Efficiency.

Yet security researchers have found that these devices often are the weakest link in the smart-grid chain. Smart meters give consumers direct access to information about their power usage and the ability to manage that usage over the Web, but that two-way communication also opens up the possibility that the grid could be attacked from the outside. Many such systems require little authentication to carry out key functions, such as disconnecting customers from the power grid.

Indeed, at this week's Black Hat, the world's largest cyber-security conference held annually in Las Vegas, researchers from IOActive of Seattle are slated to demonstrate a computer worm that spreads by taking advantage of the software update feature built into a prevalent brand of smart meters (IOActive

is not disclosing which one). The worm could in theory give the attackers who launched it the ability to very quickly sever tens of thousands of homes from the smart grid.

Joshua Pennell, IOActive president and chief executive, said he hopes the presentation will serve as a wake-up call for smart-grid technology vendors and the companies purchasing the products.

Federal grants for smaller smart-grid projects range from US$300,000 to US$20 million, while the federal share of funds for larger projects could be as much as US$200 million. The Energy Department says it can reject any grant application that does not demonstrate that ensuring cyber security will be a top priority.

Subscribe to The China Post and save 25%. Click here