How the blockchain could fight grid cyber-threats
The recent ransomware saga is a potent reminder of just how vulnerable our information and data is to cyber-threats. But it’s not just our information that’s vulnerable; these threats extend into the physical world of electricity as well.
In fact, today’s electrical grid is incredibly insecure against cybersecurity threats; for example, the massive 2015 cyberattack on the Ukranian power grid that left 230,000 people in the dark and the intrinsic level of insecurity presented by smart meters used all over the world. And with billions of energy-using, Internet-connected devices expected to come online over the next decade (PDF), the grid is about to experience a several-orders-of-magnitude increase in the number of vulnerabilities to cyber-threats.
Fortunately, blockchain technology is inherently robust against cyber-threats, and many energy companies are considering how blockchains may bolster the grid’s cybersecurity. This is because blockchains are built for:
- Tamperproofing data (PDF): Blockchains make it very difficult to change data after it has been written. This eliminates a number of risks, including man-in-the-middle attacks, in which a hacker modifies data that’s en route to its destination. With a proper blockchain implementation, all computation is "hashed" and made tamperproof at the point of origin, so there is no risk of data being modified while in transit.
- Disintermediation (PDF): With blockchains, intermediaries (escrow corporations) often are no longer necessary, significantly reducing transaction costs.
- Complete data availability (PDF): Blockchains can store data in a decentralized fashion across many nodes. With this architecture, even if some nodes or servers are compromised, users still can access a complete dataset.
- Redundancy (PDF): Blockchains operate without a central point of failure, so reliability through redundancy is intrinsic to this architecture.
- Privacy and control: Users of a blockchain can choose which data to make immutably transparent and which data to keep encrypted so only the intended recipients can view the contents.
- Outsourcing computation (PDF): Encrypted data can be sent for processing to a third party, without the contents of the data being revealed.
As the world of energy becomes more digitized and decentralized, the need for solid defense against cybersecurity threats increases drastically. When a blockchain is implemented properly, it offers a strong defense against external and internal threats by mitigating internet-connected and data communications vulnerabilities, and increasing data confidentiality and privacy.
Internet-connected energy-using devices have the most room for improvement when it comes to cybersecurity. Between January and April, research found that over 2 million Internet of Things (IoT) devices in homes were hacked into and rendered useless (bricked). This attack was to protest manufacturers’ poor cybersecurity policies for the devices, chiefly, thousands of devices set by default to use basic login and authentication credentials (username=user and password=password). In this case, hackers could have been much more malicious than simply bricking devices, but they wanted to prove their point: Unsecured IoT devices are unsafe, and should not be allowed to operate in a real-world environment where people’s lives and property are at risk.
Blockchain technology and those working on making it more usable for everyone are paving the way toward a new user-authentication paradigm. The current system of username/password combinations has been obsolete for many years. A much more secure mode of authentication is that of the public–private key pair (also called public key cryptography), the default in systems such as Bitcoin and Ethereum. As these blockchain implementations become more user-friendly, we will see a natural evolution of all login systems toward this more modern and secure method.
[Learn more about the blockchain and energy at VERGE 17, Sept. 19-21 in Santa Clara, California.]
With a properly integrated cryptographic key login system for blockchain-based applications, IoT device owners will bear a significantly reduced risk of loss of power, theft of data and threats to privacy.
What's more, integrating pricing and settlement on wholesale electricity markets into a secure blockchain significantly minimizes the risk of false data injection and pricing manipulation. This is largely because of the tamperproof characteristic of blockchains, which ensures immutability of a given dataset or series of communications between transacting parties.
The blockchain is also relevant for addressing data privacy and security issues. As more data is collected and transported over the internet, the risk of data exploitation and breach increases, as evidenced by the release of confidential information from hacks of LinkedIn, Yahoo, Target and other large organizations. Blockchains allow for the encrypted transportation of private data, ensuring that data is readable only by the intended recipient.
Introducing a new risk: Key mismanagement
Blockchains are great at mitigating several cybersecurity risks, but they also introduce a new risk that is often overlooked: key mismanagement. Key management is the secure storage of digital keys in a fashion that prevents unauthorized access — something of significance for distributed energy resources, which eventually will be connected to the web and authenticated mostly through asymmetric cryptography (the method used for all blockchain-based transaction and authentication). Many early adopters of blockchain technology that don’t have a background in IT have lost their private keys, rendering their blockchain assets or devices inaccessible.
However, key management is getting some much-needed attention, and innovators are creating new ways to store and recover private keys securely.
One innovative way to tackle this problem is to integrate key pairs in actual, physical devices (think key fobs for your car) and use them to activate devices. This minimizes, or in some implementations renders impossible, the risk of hackers accessing private keys that confirm the identity and authority of a signing entity. Keys that exist on a personal device enforce secure signing on, for example, an energy-using internet-connected device (an electric vehicle). For a malicious actor, if all signing must be on a device, then the physical device must be compromised in a way that allows a hacker to remotely execute commands on the device instead of just reading data, which is much more difficult for the hacker and therefore a more secure implementation.
As digitized and distributed systems in energy become more common and billions of energy-using devices are integrated into the electricity system, malicious actors will see the potential to exploit these systems and attempt to usurp this new reality. Therefore, it is paramount that we ditch the "build-then-patch" approach, and build systems integrated with holistic security. Fortunately, much of this security is inherent in a properly implemented blockchain.
This article's co-author is Garrett MacDonald, a technology advisor to Rocky Mountain Institute.