Threat Watch

Could IoT Devices lead to a Mass Blackout?

Princeton University security researchers are set to deliver a study that touches on a highly disregarded issue in power grid security. Their study brought along some shocking news. If there is an increased demand in a specific sector of the power grid, protective relays will be tipped off and in turn will shut down the power due to sensing the overload, which seems practical. During the research, however, it was discovered that this system carries a heavy vulnerability. If the demand of power were to jump just one percent in an area such as California or the entire country of Canada, which both have close to 38 million people, it would be enough to take out the bulk of the grid. “Power grids are stable as long as supply is equal to demand,” says Saleh Soltan, a researcher in Princeton’s Department of Electrical Engineering, who led the study. “If you have a very large botnet of IoT devices, you can really manipulate the demand, changing it abruptly, any time you want.” Although there are engineers who are tasked to forecast variation, hackers also know this and could make the demands increase whimsically. There is not a specific device that researchers are specifically targeting, but the intent was to bring light to that fact that a botnet of IoT devices could be compromised and used in this manner. If something like this were to happen, it would be even easier to keep the system down after the attack has been initiated, and since the spikes would be hidden, attackers would continue trying until they get their desired result.