A new threat to personal information is emerging from an unlikely source: the humble domestic light switch.
As the digital age continues to grow, hackers are finding new ways to secure sensitive information that could have serious repercussions. And that information can now be gathered through power networks.
The introduction of smart grids, or the digitalisation of electrical power grids, has created new vulnerabilities as homes and utilities are beginning to rely on network connectivity.
Fadi Aloul, a cyber security advisor and professor at the American University in Sharjah, says smart grids are the future and offer several advantages over current systems such as being able to monitor electricity usage remotely via an electronic device.
Have you ever been on your way to work and suddenly wondered: “Did I turn off the coffee pot?” With a smart power system a user can check what devices are switched on in their home via a mobile phone. A user can turn off the breaker that powers kitchen appliances with just a screen swipe while they are not actually at home.
The Dubai Electricity and Water Authority (Dewa) began a smart metering pilot project in 2005 that led to the utility upgrading its automation network including communications systems and remote operations. Dewa's smart networks and metering project, estimated to cost Dh7 billion, will replace 250,000 meters spanning over residential, industrial and commercial properties.
While this technology will elevate services, Mr Aloul cautions that there was no such existence of a completely secure system. Just like a user being able to access and cut power remotely, so can criminals.
“With every new gadget, there comes a lot of risk and security issues, especially at the beginning,” he says. “Security could come last on priorities – that gives hackers the freedom to take advantage.”
Mr Aloul says criminals could monitor a consumer’s home network to access data. This could include electricity usage, which may indicate when a homeowner is out of town, giving useful information to a potential burglar. A more serious risk could be the compromising of sensitive information on a home computer. “Everything is physically accessible with a smart grid,” Mr Aloul says.
Home networks are especially vulnerable because the public is not well educated about the risks, he says. By contrast, companies such as utilities funnel money into making servers stronger. “The human security [aspect] is the weakest link in any organisation and that’s what most hackers are after.”
Mr Aloul says there are three main entry points, or gateways for cyber criminals, in smart grid networks. These include: home devices such as meters; utility companies; and the network in between such as transmission and distribution lines.
Utility and commercial operations have already seen attacks from large, organised hacker groups, which ultimately hurt companies and sometimes governments. In addition, Mr Aloul points out that cyber activists or even state-funded groups could target power operations that may even threaten national security by executing attacks to take out entire power grids.
The American technology firm, F5 Networks, says it is looking to focus more on power-sector security as more systems depend on these types of connections.
The senior systems engineering manager Gary Newe says security is a “hot” division for the company right now.
The information technology research firm Gartner expects the cyber security industry to grow 8.2 per cent this year to US$76.9 billion. And the increasing adoption of mobile, cloud, social and information that is often interconnected will drive new security measures through 2016.
“Once you start to look at user information and move it to real time metering, the possibilities of what that data could be used for are pretty much endless,” Mr Newe says.
He says with critical infrastructure such as power stations, sensitive information in the wrong hands can cause serious damage.
"If [companies] are connected to the internet or internal networks, hackers can find a way to exploit [operations]," says Mr Newe. "There is the potential for scary things to happen."
He points to a recent attack by hackers on a German steel mill. The German federal office for Information Security (BSI) released its annual report in December that said hackers used emails to release malware, a software bug, that penetrated the mill’s automation system. The attack made parts of the plant fail, resulting in a potentially fatal furnace blast. The BSI said the infiltration caused “massive damage”, but did not specify how much the attack cost the company.
This particular crime used a method known as spear phishing; sending emails that target particular company individuals. These messages appear to come from an official source, such as the head of the company, and ask for login information including passwords.
Mr Newe says there has been a noticeable shift in the cyber criminals’ approach over the past 12 to 18 months. There has been a rise in “blended attacks” where a large attack is perpetrated to act as a diversion from a smaller, more targeted attack.
He also points to “denial of service” attacks, whereby a server is so overwhelmed with requests it goes offline. In addition is what is termed the domain name system reflection approach, where an attack is amplified by using a critical piece of internet infrastructure such as the network interface bandwidth, or data processing capacity.
This method can debilitate very large networks such as real-time trading platforms or financial institutions.
Mr Newe says F5 has seen cyber attacks rocket by 200 to 300 per cent in the past 12 months.
This has led to the European Union, among others, looking to aggressively address the issue before it is too late.
According to a July report by the Organisation for Security and Cooperation in Europe (OSCE), the EU allocated €3.5 million (Dh14.5m) to develop a decision support system (DSS) for power grid operators.
This computer system helps organisations to determine security responses based on various simulations.
The EU DSS will help grid operators mimic cyber invasions to analyse which areas could be brought down while also calculating the amount of time it would be likely to take to restore the compromised infrastructure.
The system will also assess the economic costs of an incident and provide recommendations on how to address weaknesses in Europe’s power supply. Although the system is still under construction, the potential financial losses as a result of electricity disruptions can be seen in examples such as Egypt’s chronic power shortages that reached heights last summer.
While Mr Newe says it is extremely difficult to assess how much cyber attacks are costing networks, large-scale power outages caused by other reasons can give an idea.
In September, the Suez Canal Authority was forced to declare a state of emergency as blackouts crippled vessel movement on the waterway that provides some $5bn in annual revenue. Ships were forced to remain stationary because communication networks, which depend on electricity, were unable to function. Disruptions to industries such as iron, steel and oil refineries and pumping stations cost the Egyptian government an estimated $140m in revenue.
Power grids are also susceptible to natural disasters. In the United States, Mississippi suffered a major blow to the its economy in 2005 when Hurricane Katrina destroyed the power supply for one of its main revenue earning industries, gaming.
Prior to the storm, casinos on the Mississippi Gulf Coast generated about $2.8bn in annual revenue and made up about $330m of state and local governments’ tax revenues, according to the American Gaming Association.
To get an idea of what the cost of a similar outage caused by online criminals might be, substitute “cyber attack” for Hurricane Katrina”.
Based on the revenue losses recorded for 2005, each day the casinos were unable to operate cost the industry some $7.6m, or $320,000 an hour. A power failure taking out the grid for three hours would result in a loss of almost $1m.
“Gaming, finance, power – hackers don’t discriminate. It’s across the board,” Mr Newe says.
But he is optimistic about the power sector doing everything it can to increase protection with the rise in the deployment of of smart grids because “they’re charged to protect consumer data”.
He adds that solutions usually only come after a situation has occurred. “We don’t know what the possibilities are and we don’t know the vulnerabilities,” Mr Newe says.
“It will take someone to identify the problem before we can combat it.”
lgraves@thenational.ae
Follow The National's Business section on Twitter
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3ECompany%3A%3C%2Fstrong%3E%20Eco%20Way%3Cbr%3E%3Cstrong%3EStarted%3A%3C%2Fstrong%3E%20December%202023%3Cbr%3E%3Cstrong%3EFounder%3A%3C%2Fstrong%3E%20Ivan%20Kroshnyi%3Cbr%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20Dubai%2C%20UAE%3Cbr%3E%3Cstrong%3EIndustry%3A%3C%2Fstrong%3E%20Electric%20vehicles%3Cbr%3E%3Cstrong%3EInvestors%3A%3C%2Fstrong%3E%20Bootstrapped%20with%20undisclosed%20funding.%20Looking%20to%20raise%20funds%20from%20outside%3Cbr%3E%3C%2Fp%3E%0A
ANATOMY%20OF%20A%20FALL
%3Cp%3E%3Cstrong%3EDirector%3A%20%3C%2Fstrong%3EJustine%20Triet%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStarring%3A%20%3C%2Fstrong%3ESandra%20Huller%2C%20Swann%20Arlaud%2C%20Milo%20Machado-Graner%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3A%3C%2Fstrong%3E%205%2F5%3C%2Fp%3E%0A
Company%20profile
%3Cp%3E%3Cstrong%3ECompany%20name%3A%3C%2Fstrong%3E%20Fasset%0D%3Cbr%3E%3Cstrong%3EStarted%3A%20%3C%2Fstrong%3E2019%0D%3Cbr%3E%3Cstrong%3EFounders%3A%3C%2Fstrong%3E%20Mohammad%20Raafi%20Hossain%2C%20Daniel%20Ahmed%0D%3Cbr%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20Dubai%0D%3Cbr%3E%3Cstrong%3ESector%3A%20%3C%2Fstrong%3EFinTech%0D%3Cbr%3E%3Cstrong%3EInitial%20investment%3A%3C%2Fstrong%3E%20%242.45%20million%0D%3Cbr%3E%3Cstrong%3ECurrent%20number%20of%20staff%3A%3C%2Fstrong%3E%2086%0D%3Cbr%3E%3Cstrong%3EInvestment%20stage%3A%3C%2Fstrong%3E%20Pre-series%20B%0D%3Cbr%3E%3Cstrong%3EInvestors%3A%3C%2Fstrong%3E%20Investcorp%2C%20Liberty%20City%20Ventures%2C%20Fatima%20Gobi%20Ventures%2C%20Primal%20Capital%2C%20Wealthwell%20Ventures%2C%20FHS%20Capital%2C%20VN2%20Capital%2C%20local%20family%20offices%3C%2Fp%3E%0A
The%20Specs
%3Cp%3E%3Cstrong%3EEngine%3A%3C%2Fstrong%3E%201.6-litre%204-cylinder%20petrol%3Cbr%3E%3Cstrong%3EPower%3A%20%3C%2Fstrong%3E118hp%3Cbr%3E%3Cstrong%3ETorque%3A%3C%2Fstrong%3E%20149Nm%3Cbr%3E%3Cstrong%3ETransmission%3A%3C%2Fstrong%3E%20Six-speed%20automatic%3Cbr%3E%3Cstrong%3EPrice%3A%3C%2Fstrong%3E%20From%20Dh61%2C500%3Cbr%3E%3Cstrong%3EOn%20sale%3A%3C%2Fstrong%3E%20Now%3C%2Fp%3E%0A
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3EName%3A%20%3C%2Fstrong%3ESmartCrowd%0D%3Cbr%3E%3Cstrong%3EStarted%3A%20%3C%2Fstrong%3E2018%0D%3Cbr%3E%3Cstrong%3EFounder%3A%20%3C%2Fstrong%3ESiddiq%20Farid%20and%20Musfique%20Ahmed%0D%3Cbr%3E%3Cstrong%3EBased%3A%20%3C%2Fstrong%3EDubai%0D%3Cbr%3E%3Cstrong%3ESector%3A%20%3C%2Fstrong%3EFinTech%20%2F%20PropTech%0D%3Cbr%3E%3Cstrong%3EInitial%20investment%3A%20%3C%2Fstrong%3E%24650%2C000%0D%3Cbr%3E%3Cstrong%3ECurrent%20number%20of%20staff%3A%3C%2Fstrong%3E%2035%0D%3Cbr%3E%3Cstrong%3EInvestment%20stage%3A%20%3C%2Fstrong%3ESeries%20A%0D%3Cbr%3E%3Cstrong%3EInvestors%3A%20%3C%2Fstrong%3EVarious%20institutional%20investors%20and%20notable%20angel%20investors%20(500%20MENA%2C%20Shurooq%2C%20Mada%2C%20Seedstar%2C%20Tricap)%3C%2Fp%3E%0A
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3ECompany%20name%3A%3C%2Fstrong%3E%20Revibe%20%0D%3Cbr%3E%3Cstrong%3EStarted%3A%3C%2Fstrong%3E%202022%0D%3Cbr%3E%3Cstrong%3EFounders%3A%3C%2Fstrong%3E%20Hamza%20Iraqui%20and%20Abdessamad%20Ben%20Zakour%20%0D%3Cbr%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20UAE%20%0D%3Cbr%3E%3Cstrong%3EIndustry%3A%3C%2Fstrong%3E%20Refurbished%20electronics%20%0D%3Cbr%3E%3Cstrong%3EFunds%20raised%20so%20far%3A%3C%2Fstrong%3E%20%2410m%20%0D%3Cbr%3E%3Cstrong%3EInvestors%3A%20%3C%2Fstrong%3EFlat6Labs%2C%20Resonance%20and%20various%20others%0D%3C%2Fp%3E%0A
The Penguin
Starring: Colin Farrell, Cristin Milioti, Rhenzy Feliz
Creator: Lauren LeFranc
Rating: 4/5
Results:
CSIL 2-star 145cm One Round with Jump-Off
1. Alice Debany Clero (USA) on Amareusa S 38.83 seconds
2. Anikka Sande (NOR) For Cash 2 39.09
3. Georgia Tame (GBR) Cash Up 39.42
4. Nadia Taryam (UAE) Askaria 3 39.63
5. Miriam Schneider (GER) Fidelius G 47.74
Mercer, the investment consulting arm of US services company Marsh & McLennan, expects its wealth division to at least double its assets under management (AUM) in the Middle East as wealth in the region continues to grow despite economic headwinds, a company official said.
Mercer Wealth, which globally has $160 billion in AUM, plans to boost its AUM in the region to $2-$3bn in the next 2-3 years from the present $1bn, said Yasir AbuShaban, a Dubai-based principal with Mercer Wealth.
“Within the next two to three years, we are looking at reaching $2 to $3 billion as a conservative estimate and we do see an opportunity to do so,” said Mr AbuShaban.
Mercer does not directly make investments, but allocates clients’ money they have discretion to, to professional asset managers. They also provide advice to clients.
“We have buying power. We can negotiate on their (client’s) behalf with asset managers to provide them lower fees than they otherwise would have to get on their own,” he added.
Mercer Wealth’s clients include sovereign wealth funds, family offices, and insurance companies among others.
From its office in Dubai, Mercer also looks after Africa, India and Turkey, where they also see opportunity for growth.
Wealth creation in Middle East and Africa (MEA) grew 8.5 per cent to $8.1 trillion last year from $7.5tn in 2015, higher than last year’s global average of 6 per cent and the second-highest growth in a region after Asia-Pacific which grew 9.9 per cent, according to consultancy Boston Consulting Group (BCG). In the region, where wealth grew just 1.9 per cent in 2015 compared with 2014, a pickup in oil prices has helped in wealth generation.
BCG is forecasting MEA wealth will rise to $12tn by 2021, growing at an annual average of 8 per cent.
Drivers of wealth generation in the region will be split evenly between new wealth creation and growth of performance of existing assets, according to BCG.
Another general trend in the region is clients’ looking for a comprehensive approach to investing, according to Mr AbuShaban.
“Institutional investors or some of the families are seeing a slowdown in the available capital they have to invest and in that sense they are looking at optimizing the way they manage their portfolios and making sure they are not investing haphazardly and different parts of their investment are working together,” said Mr AbuShaban.
Some clients also have a higher appetite for risk, given the low interest-rate environment that does not provide enough yield for some institutional investors. These clients are keen to invest in illiquid assets, such as private equity and infrastructure.
“What we have seen is a desire for higher returns in what has been a low-return environment specifically in various fixed income or bonds,” he said.
“In this environment, we have seen a de facto increase in the risk that clients are taking in things like illiquid investments, private equity investments, infrastructure and private debt, those kind of investments were higher illiquidity results in incrementally higher returns.”
The Abu Dhabi Investment Authority, one of the largest sovereign wealth funds, said in its 2016 report that has gradually increased its exposure in direct private equity and private credit transactions, mainly in Asian markets and especially in China and India. The authority’s private equity department focused on structured equities owing to “their defensive characteristics.”
Superpower%20
%3Cp%3E%3Cstrong%3EDirector%3A%20%3C%2Fstrong%3ESean%20Penn%2C%20Aaron%20Kaufman%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3A%20%3C%2Fstrong%3E3%2F5%3C%2Fp%3E%0A
Jawan
%3Cp%3E%3Cstrong%3EDirector%3A%20%3C%2Fstrong%3EAtlee%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStars%3A%3C%2Fstrong%3E%20Shah%20Rukh%20Khan%2C%20Nayanthara%2C%20Vijay%20Sethupathi%26nbsp%3B%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3A%20%3C%2Fstrong%3E4%2F5%3C%2Fp%3E%0A
Company%20Profile
%3Cp%3E%3Cstrong%3ECompany%20name%3A%20%3C%2Fstrong%3ENamara%0D%3Cbr%3E%3Cstrong%3EStarted%3A%20%3C%2Fstrong%3EJune%202022%0D%3Cbr%3E%3Cstrong%3EFounder%3A%20%3C%2Fstrong%3EMohammed%20Alnamara%0D%3Cbr%3E%3Cstrong%3EBased%3A%20%3C%2Fstrong%3EDubai%20%0D%3Cbr%3E%3Cstrong%3ESector%3A%20%3C%2Fstrong%3EMicrofinance%0D%3Cbr%3E%3Cstrong%3ECurrent%20number%20of%20staff%3A%20%3C%2Fstrong%3E16%0D%3Cbr%3E%3Cstrong%3EInvestment%20stage%3A%20%3C%2Fstrong%3ESeries%20A%0D%3Cbr%3E%3Cstrong%3EInvestors%3A%20%3C%2Fstrong%3EFamily%20offices%0D%3Cbr%3E%3C%2Fp%3E%0A
Israel Palestine on Swedish TV 1958-1989
Director: Goran Hugo Olsson
Rating: 5/5
Ant-Man and the Wasp
Director: Peyton Reed
Starring: Paul Rudd, Evangeline Lilly, Michael Douglas
Three stars
BIO
Favourite holiday destination: Turkey - because the government look after animals so well there.
Favourite film: I love scary movies. I have so many favourites but The Ring stands out.
Favourite book: The Lord of the Rings. I didn’t like the movies but I loved the books.
Favourite colour: Black.
Favourite music: Hard rock. I actually also perform as a rock DJ in Dubai.
Company%20Profile
%3Cp%3E%3Cstrong%3ECompany%20name%3A%3C%2Fstrong%3E%20Hoopla%3Cbr%3E%3Cstrong%3EDate%20started%3A%20%3C%2Fstrong%3EMarch%202023%3Cbr%3E%3Cstrong%3EFounder%3A%3C%2Fstrong%3E%20Jacqueline%20Perrottet%3Cbr%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20Dubai%3Cbr%3E%3Cstrong%3ENumber%20of%20staff%3A%3C%2Fstrong%3E%2010%3Cbr%3E%3Cstrong%3EInvestment%20stage%3A%20%3C%2Fstrong%3EPre-seed%3Cbr%3E%3Cstrong%3EInvestment%20required%3A%3C%2Fstrong%3E%20%24500%2C000%3C%2Fp%3E%0A
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3ECompany%20name%3A%3C%2Fstrong%3E%20Klipit%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStarted%3A%3C%2Fstrong%3E%202022%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EFounders%3A%3C%2Fstrong%3E%20Venkat%20Reddy%2C%20Mohammed%20Al%20Bulooki%2C%20Bilal%20Merchant%2C%20Asif%20Ahmed%2C%20Ovais%20Merchant%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20Dubai%2C%20UAE%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EIndustry%3A%3C%2Fstrong%3E%20Digital%20receipts%2C%20finance%2C%20blockchain%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EFunding%3A%3C%2Fstrong%3E%20%244%20million%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EInvestors%3A%3C%2Fstrong%3E%20Privately%2Fself-funded%3C%2Fp%3E%0A
Barbie
%3Cp%3E%3Cstrong%3EDirector%3A%3C%2Fstrong%3E%20Greta%20Gerwig%3Cbr%3E%3Cstrong%3EStars%3A%3C%2Fstrong%3E%20Margot%20Robbie%2C%20Ryan%20Gosling%2C%20Will%20Ferrell%2C%20America%20Ferrera%3Cbr%3E%3Cstrong%3ERating%3A%3C%2Fstrong%3E%204%2F5%3Cbr%3E%3C%2Fp%3E%0A
MATCH INFO
Uefa Champions League semi-final, first leg
Tottenham v Ajax, Tuesday, 11pm (UAE).
Second leg
Ajax v Tottenham, Wednesday, May 8, 11pm
Games on BeIN Sports
MATCH INFO
First Test at Barbados
West Indies won by 381 runs
Second Test at Antigua
West Indies won by 10 wickets
Third Test at St Lucia
February 9-13
The five pillars of Islam
1. Fasting
2. Prayer
3. Hajj
4. Shahada
5. Zakat