He had no idea where this exercise would lead to...
Emil Gurevitch is on his way to Silicon Valley, having helped improve IT security at SEAS-NVE and many other electricity grid companies.
When, as a part of his master’s project at DTU, Emil Gurevitch agreed to attempt to break into the SEAS-NVE IT system, he had no idea that he would make it so far into the system—and so far out into the world.
“The report I wrote is still confidential,” relates Emil Gurevitch, Information Security Engineer, by phone from Gdansk in Poland, where the American company Networked Energy Services (NES) has its head office, and where Emil is currently waiting for the visa to the United States that is his ticket (back) to Silicon Valley.
But let us start at the beginning with Bo Danielsen, Head of Department for Meters and Installations at the Zealand-based electricity company SEAS-NVE, at his office in Haslev, just south of Køge.
“We were one of the first grid companies to install remotely read meters, and we now have an active network featuring almost 400,000 potential attack points,” he says.
Several years ago, SEAS-NVE purchased its digital meters from Echelon, which has since become the afore-mentioned NES. The meters communicate with SEAS-NVE’s system via the electricity grid, which ought to be a safe way to collect data. However, other electricity companies had already come under attack by hackers, so SEAS-NVE contacted Associate Professor Christian Damsgaard Jensen at DTU Compute to learn more about the issue.
Their dialogue revealed that there are not actually many researchers in the world with knowledge of both IT security and remotely read meter systems used by electricity grid companies. The solution proved to be to ask one of the Computer Science and Engineering students—Emil Gurevitch—to have a crack at SEAS-NVE’s system.
“We had a number of good conversations about the setup and laid down some ground rules. We wanted it to be as realistic as possible,” recalls Emil Gurevitch.
Took the meter apart
SEAS-NVE provided him with a meter and a connection so that he could take on the role of a normal customer, and then attempt to hack into the system from the comfort of his own living room. Emil Gurevitch started by taking the meter apart and examining the network. And he ended up forcing his way much farther into the system than Bo Danielsen had imagined would be possible.
“There are different levels of security. It is possible to hack a single meter? Can you then reach another meter in the same sub-grid? And can you then reach other meters in other sub-grids? We found ourselves in a classic hacker scenario,” says Bo Danielsen, adding that Emil Gurevitch scored top marks for his master’s project, graduating as an MSc Eng in information technology specializing in security.
Employed in California
Emil Gurevitch demonstrated that it was possible to access the digital meters, so SEAS-NVE entered into discussions with the supplier in the United States. The senior executives at NES were extremely attentive, and the dialogue soon transformed into a formalized partnership between NES, DTU Compute an SEAS-NVE.
Emil Gurevitch accepted a position with SEAS-NVE and took up an overseas posting at NES in California. This led to improved algorithms, as well as software and network updates that have now been implemented in the meters and networks used by SEAS-NVE and a string of other electricity grid companies that utilize the same technology.
“They’ve received security improvements they didn’t even know the needed,” states Bo Danielsen, who stresses that access to the electricity grid via the meters could have resulted in damage, but that malevolent hackers could not have used this route to disrupt power plants, for example. The meters ‘only’ deliver packages of information (hour values once a day) to Energinet.dk.
Hackers are always finding new ways in, so SEAS-NVE is continuing its working relationship with NES and other suppliers.
“We’ve now built up close and direct ties with an extremely important supplier. Emil’s skills can best be applied at the cutting edge of new software development. This means a win-win situation for us,” emphasizes Bo Danielsen.
Emil is still pinching himself.
“My story illustrates how valuable it is to draw students out of their ‘security bubble’ at their universities.”
Article by Jesper Tornbjerg, DTU Avisen, December 2016