The paper “Grid Shock: Coordinated Load-Change Attacks on Power Grids” by Adrian Dabrowski, Johanna Ullrich, and Edgar Weippl was accepted for publication at the 2017 Annual Computer Security Applications Conference (ACSAC 33).
Our work analyzes whether large-scale botnets are able to modulate electric power consumption in a coordinate way to bring down the power grid. ACSAC is a leading conference in applied computer security. In total, 48 out of 244 submissions were accepted, resulting in an acceptance rate of 19.7%. ACSAC 33 will be held in San Juan, Puerto Rico in December 2017.
In this paper, we develop attacks violating this assumption, investigate their impact on power grid operation and assess their feasibility for today’s adversaries. In our scenario, an adversary builds (or rents) a botnet of zombie computers and modulates their power consumption, e.g., by utilizing CPU, GPU, hard disks, screen brightness, and laser printers in a coordinated way over the Internet. Outperforming the grid’s countervailing mechanisms in time, the grid is pushed into unstable states triggering automated load shedding or tie-line tripping.
We show that an adversary does not have to rely on smart grid features to modulate power consumption given that an adequate communication infrastructure for striking the (legacy) power grid is currently nearly omnipresent: the Internet to whom more and more power-consuming devices are connected.