Power grids are very large, so it is difficult to secure each point of the network and establish a trusted relationship between each device. In order to be able to track events as they are happening, monitoring solutions are used. However, an attacker can compromise the system and send false information, which has already happened before (in Ukraine). A team of researchers at Georgia Tech has developed a new radio frequency-based monitoring technique to verify the authenticity of information from the power station. The solution is called RFDIDS, for Radio Frequency-based Distributed Intrusion Detection System.

To do so, they use physical phenomena taking place at the station, specifically by capturing the radio frequencies produced by the devices via a dedicated antenna. Those signals are then authenticated using lightning bolts:

  • On average, lightning strikes forty times per second worldwide
  • Each bolt creates a very low-frequency signal
  • It is possible to observe that signal a great distance away from where it was emitted. For instance, the researchers explain that from the United States, they can observe the signals of lightning bolts in South America
  • The bolts are recorded by more than 70,000 stations in the United States, and there are also international bases that log them
  • The data collected using the antenna is analyzed to identify the lightning signals
  • If any discrepancy with the lightning databases is detected, this may mean that an attack is underway

For now, the method has only been used and tested in the energy industry, but it could be applied to other fields, such as railroads to verify that a train is running.

Learn more...
Download the report dedicated to Utilities. Written by cybersecurity experts, this reports highlights the various attack vectors used in the Utility sector and illustrates their impacts and what are the basic measures to take as a first step in your industrial cyber security strategy.