Two days before Christmas 2015, hackers took down a Ukrainian power grid, leaving a quarter-million people without electricity for hours. Ukrainian officials suspected 鈥 but never publicly confirmed 鈥 that the Russian government was behind the sophisticated operation.
It was the first known successful cyberattack against an electrical grid. It was also a shot across the bow of utilities, factories and industrial installations everywhere.
Now a team of four graduate students from the University of Washington鈥檚 Information School is taking up the challenge of protecting these types of critical infrastructure. They鈥檙e working with cybersecurity consulting firm , headquartered in California.
鈥淓lectrical grids, water-treatment plants, waste-management plants, this is the infrastructure that holds cities and society together, right?鈥 said Lovely-Frances Domingo, one of the students. 鈥淭hey're very important parts of urban life. In any way that they're disturbed, it鈥檚 going to impact so many people.鈥
The other team members are Elizabeth Crooks, Yini Guan and Hemica Saxena. They鈥檙e second-year students in the Master of Science in Information Management (MSIM) program. This is their Capstone project, an end-of academic career requirement for graduation. They started working on the project in the fall.
The technology that runs many of these installations is known as legacy systems, basically outdated computer systems, Saxena said. With a growing threat of cyberattacks, there鈥檚 been more of an effort to safeguard these industrial control systems, she said.
鈥淭his is the reason that companies like FireEye are helping to protect and provide services 鈥 to make these systems secure,鈥 Saxena said.
The threat is exacerbated by the internet of things, the concept of connecting everyday objects online, Crooks said. Public organizations and private companies are doing this to achieve efficiencies and reduce costs, she said, but that鈥檚 making infrastructure vulnerable to outside attacks.
鈥淲hile the goodness of technology is growing, the evilness of the technology world is growing at the same time.鈥
鈥淚f you think about a power plant, that wasn't likely being networked in any significant way until pretty recently,鈥 Crooks said. 鈥淪o, the chances of somebody being able to get into their systems was way lower.鈥
Traditionally, these plants have relied on 鈥渟ecurity by obscurity,鈥 being at low risk of an attack because they were relatively unknown, Guan said. That鈥檚 clearly not the case anymore, she said.
鈥淲hile the goodness of technology is growing, the evilness of the technology world is growing at the same time,鈥 Guan said.
FireEye is working on ways to combat this threat, including projects to streamline vulnerability management for industrial facilities and critical infrastructure.
With a power plant or water-treatment plant or other installation, keeping things running is often the top priority, Crooks said.
鈥淥ne of their concerns is knowing what vulnerabilities they have and then being able to internally prioritize them to say, 鈥極K, this is something that we actually do need to fix,鈥 or 鈥榃e鈥檙e aware of this, but we know that it's not as big of a deal,鈥欌 Crooks said.
The students are helping FireEye with the platform鈥檚 user-experience design for one of its projects, said Daniel Kapellmann Zafra, a FireEye senior cyber threat analyst who is based in Virginia.
FireEye wants to address the challenge of vulnerability management for industrial facilities following user-centered design principles, Kapellmann Zafra said.
The students have been meeting via Skype with the FireEye team once every week or two. FireEye worked with a team from the iSchool on another project in the last academic year at Kapellmann Zafra鈥檚 urging. A 2017 graduate of the iSchool鈥檚 MSIM program, Kapellmann Zafra was familiar with how the school emphasizes the needs of the technology user.
鈥淜nowing that was the focus of the school, I thought it was a good idea to reach out to students and try to get some fresh ideas,鈥 he said.
The project appealed to the students, because it involved their individual interests and topics that they鈥檙e studying in their classes, including information security, user experience and business intelligence. Classes that have stood out to them include cybersecurity function and trends; business intelligence systems; operational risks in public and private sectors; managing enterprise security; and design methods.
During meetings with FireEye, Saxena said, she understands the scenarios discussed, in part because of her coursework.
In the design methods class, the instructor taught students to really dig into the context of situations, to be curious, to ask the extra question, Domingo said.
鈥淪o, you see this event, but what happened underneath?鈥 Domingo said. 鈥淲hat are the other factors that are tied to it?鈥
The students are putting this instruction to use. They hope the concept that they deliver will allow industrial institutions to share information about vulnerabilities and allow people to talk to each other.
鈥淪o, they're not just passively defending against whatever attacks come, but instead taking a more preventative measure,鈥 Guan said. 鈥淏y building this information system, we鈥檙e enabling this information flow so people who need to know can be given the power to do their jobs.鈥
Photo at top: From left, Elizabeth Crooks, Lovely-Frances Domingo, Hemica Saxena and Yini Guan.