by psvish
9. August 2011 04:44
We see the media barrage on Smart Grid projects and discussions of what to do with massive torrents of data coming in from smart meters and other devices in homes, offices and at various grid points. An area that has been getting less attention is the security threa posed by those interested in breaking into corporate web sites and through them into the sensitvie data stored by those companies on their customers. I came across an interesting report from McAfee about the prolonged attack on a number of companies, including those in the energy sector. According to Dmitri Alperovitch, vice president of Threat Research and author of the Shady Remote Access Tool [RAT] White Paper, the question is not who is compromised, but who does not know they are compromised.
According to Jesse Berst, a smart grid analyst, the nature of these prolonged attacks should not be considered as a specific effort. These attacks are prolonged and general in nature. More often they start with SQL – Injection attacks that compromise the corporate Web servers. These servers are meant to be outside of the corporate firewall and are understood to be a security risk. However, once compromised the reality is that these servers are then a command and control center that enable password detection and other Remote Access Tools to not only test the links within the corporation, but all the other ingresses and egresses.
That is why it's important when having Web portals with public access, for utilities to pay attention to the security issues and make sure that their vendors understand these issues as well. As a cloud-based provider of DSM program tracking and reporting analytics provider, we spend a lot of time to address such issues to make sure we provide a secure environment for our utility industry clients. We will be happy to discuss how to handle such issues with any of our readers - give us a call.
Track. Report. Analyze. Manage.
