University of Illinois researchers on team to stop cyber "stepping stone" attacks

11/8/2018 Allie Arp, CSL

Computer systems protect their valuable assets with layers of protection, much like a castle has a moat, an outer wall, an inner wall, and a keep. Cyber attackers get around these defenses by comprising one computer at a time. Illinois researchers are trying to prevent these "stepping stone" style attacks.

Written by Allie Arp, CSL

Computer systems protect their valuable assets (such as data) with layers of protection, much like a castle has a moat, an outer wall, an inner wall, and a keep. Cyber attackers get around these defenses by comprising one computer to get past one layer, use the newly compromised computer as a base to attack the next defense, and so on. This series-style of hacking is known as “stepping-stone” attacks. University of Illinois researchers are looking at how to prevent this type of malicious infiltration in energy systems, such as the power grid.

The project “Deep Cyber-Physical Situational Awareness for Energy Systems: A Secure Foundation for Next-Generation Energy Management” builds on previous research looking at unexpected access paths a threat could take to compromise an energy system’s network.

“This project is a follow-on to some research we‘ve been doing for almost a decade,” said Edmond Rogers, Information Trust Institute (ITI) smart grid cyber security engineer. “We’re aiming to bring the blending of cyber security and impact information together so
Edmond Rogers
Edmond Rogers
operators can make a more thorough inspection of operational networks.”

 A main focus of the research team is to consider the interactions of various systems as potential targets for attacks. These points are the most vulnerable, and misconfigurations can provide an entry point for hackers. The proposed research will enable the next generation of secure cyber-physical energy management systems, and will result in guidelines on how to perform network analysis, providing valuable insight to industry.

“We view this in terms of improving cyber security and the impact it could have on the overall system,” Rogers said. “We’re specifically looking at the impact to the power grid. Being able to measure the cyber security posture and impact to the power grid is something we’re keenly interested in.”

The research team for this project is made up of researchers from Texas A&M, Sekurity LLC, Sandia National Laboratories, Pacific Northwest National Laboratories, and the US Department of Energy (DOE). The project is funded for three years at $3 million dollars.


Share this story

This story was published November 8, 2018.