Cyber Security

Cybercrime a Gray Area of International Law

[Excerpt from "Criminals, Hacktivists, and Nation States", originally posted on Adriana Dvorsak's New Solutions blog hosted at Euractiv. Thanks to Adriana for permitting us to share her work here on Analysis Intelligence.]

…these individuals are not susceptible to international law, for example to Geneva conventions which professional soldiers must follow. In addition, these individuals are not familiar with military ethics, laws of neutrality, might not have clear intent, and do not follow the rules of hierarchical organization. Individuals can be persecuted under national criminal law, therefore we can understand police pushing for change in criminal law to cover more cyber security threats.


Recent Hacktivist Actors and Targets

You may easily manipulate the Recorded Future application to get data on a longer timeline, on different types of events, or look at them in a neat interactive Google Earth view. I came across different actors, for example hacktivists, patriot hackers, online activists, organized cyber crime, terrorist organizations, and other autonomous actors, and it seems to me that individuals became very important for cyber security. Diverse as they are, they cannot be called a military and they will hardly take part in a classical armed conflict where one military confronts another. But they are so important that militaries hire them and even offer them to NATO as national cyber troops. Well, Romanian hacktivists apparently disagreed with such a side job.

The post can be read in full at Euractiv.


Recorded Future for Cyber Defense

We’ll be hosting a webinar with security expert Jeffrey Carr where we’ll demonstrate how Recorded Future can be used to gather cyber intelligence from open source.

Date: Tuesday, January 31, 2012
Time: 11am Eastern; 8am Pacific
Duration: 1 Hour

Register online

Topics we’ll cover include:

  • How Recorded Future offers the only solution which can immediately harvest, cluster, and surface predictive signals from unstructured text
  • How Recorded Future makes available what the world knows about the future by aggregating forecasts and predictive signals from across the web
  • How advanced data visualization tools support patterns of behavior research, forecasting, and identification of influential relationships between entities
  • How temporal reasoning partnered with entity and event extraction can be used on the public web or in private, secure clouds
  • A live demonstration of open source research on cyber threats including the evaluation of state and non-state threats, corporate security measures, and the sequence of events surrounding Iran’s capturing a RQ-170 drone

Loss of the RQ-170: What Happens Next?

Back in December 2009, armchair aviation nerds were ecstatic when the US Air Force unveiled the existence of the Lockheed RQ-170 Sentinel, a stealth UAV drone that had been photographed in Kandahar, Afghanistan. The plane was previously photographed at an air base in early 2009 and the pictures were posted on a French newspaper blog called Liberation. The situation was followed closely by Bill Sweetman and company over at Aviation Week, who subsequently nicknamed it “The Beast of Kandahar”. So, what is the strategic importance of The Beast of Kandahar? What are the future implications of its recent capture by the Iranian government?

Timeline of the evolution of the RQ-170

Above is a timeline of the evolution of the RQ-170 Sentinel aircraft. At least one analyst speculated in December 2009 that the aircraft could be used to fly over Iranian airspace:

“Experts such as Phil Finnegan, a UAV analyst at the Teal Group, an aerospace consulting firm, suggest [Beast's] stealth capabilities are being used to fly in nearby countries. Neighboring Iran has an air force and air defense system that would require stealth technology to penetrate”

There is also one emerging cyber warfare technology that could make the RQ-170 an attractive platform for launching electronic attacks into Iran. A January 2011 Wired article discussed the introduction of a new Navy jamming aircraft with the capability of launching cyber attacks on ground targets using on-board components. The article then speculated that the RQ-170 could become a stealth platform for launching cyber attacks on Iranian infrastructure and other hostile targets:

“Hints that air-launched cyberattacks could shut down industrial (and nuclear) operations could explain why the Air Force has been flying stealthy RQ-170 drones near Iran. The NGJ could expand on that apparent capability”

This all remains speculative, though, since it has only been confirmed that the aircraft was carrying “high-definition cameras and sensors that can scan for nuclear armaments”. So what are the future implications of the RQ-170 falling into the wrong hands?

Future-facing implications of the loss of the RQ-170 drone

From the timeline, we see that the drone’s capture may “provide little intelligence to Iran”. It seems that the Iranians will have difficulty extracting any data from the aircraft and that, “it is unlikely that Iran would be able to recover any surveillance data from the aircraft”. This is in line with reports we found from other analysts suggesting that the situation, “isn’t nearly as big an intelligence loss as the media and some pundits are making it out to be”. One takeaway quote from the article mentions that the drone would have failed eventually:

That one of many drones dedicated to collecting intelligence over Iran has fallen into Iranian hands is also expected given the law of averages. Drones crash at rates higher than manned aircraft for any number of reasons, including due to human error, incorrect information, network interference, system failure, weather, or being shot down. As a former official warned: “It was never a matter of whether we were going to lose one but when”

The fascinating point here is that Sweetman predicted this event in 2009. At that time, he also hypothesized that this would not be much of an intelligence loss. In an article to Aviation Week called “Stealth over Afghanistan”, he indicated that the RQ-170 designers may have avoided using “highly sensitive technologies due to the near certainty of eventual operational loss inherent with a single engine design and a desire to avoid the risk of compromising leading edge technology”. This prediction is in accordance with some of the analyses we have seen about the loss.

So what is the real danger presented by the loss of the RQ-170? News sources have cited foreign reverse-engineering as the number one threat: “Chinese or Russian access to the drone is a much greater concern than a possible Iranian effort to reverse-engineer the RQ-170”. The timeline above related to future implications of the loss tells us that we should, “look for the RQ-170 copy at the Zhuhai [air show] next year” in China. The compromise and subsequent reverse-engineering of stealth technology by foreign powers has a storied history. The U2 spyplane, F-117 Nighthawk, and a mysterious stealth copter used in the Osama Bin Laden raid were all compromised. In the recent Osama Bin Laden raid, Pakistan allowed the Chinese to examine and gather samples of the stealth aircraft. The loss of the RQ-170 drone will allow China and Russia more of an opportunity to peer into American stealth technology and incorporate it into their own military hardware.


Security Concerns Overlooked as Smart Grid Grows

Smart grid technology is poised to take the power infrastructure market by storm in the coming decade. The industry in the US is expected to grow from $5.6 billion in 2010 to $9.6 billion by 2015. The US government made an initial $3.6 billion investment in 2009, and now many smart grid firms are showing signs of growth. Big companies like IBM and Lockheed Martin are scrambling to take advantage of this emerging market.

The appeal of the smart grid is its potential to greatly improve the efficiency and stability of the nation’s power infrastructure. For example, the smart grid can “self-heal,” so if a power station goes down in one region the system may be able to adapt and divert resources as needed. Another principal advantage of the smart grid is increased transparency between the customer and the utility, ideally allowing utilities to better manage peak loads and communicate with customers.

Let’s look at the progress. How has the industry fared within the past year?

Smart grid news over the past 12 months

Recorded Future’s sentiment analysis tool can provide immediate feedback on the health of an industry. In this case, we can see plenty of positive sentiment for the smart grid market, and we can also pick out favorable analyst quotations. Three analysts of note that discuss the US smart grid market:

  • Paul Korzeniowski of EnergyBiz: “says the number of smart meters deployed in the United States is nearing critical mass and may in fact be leading to a fast approaching transition point in the industry”
  • Lawrence Makovich: “the widespread expectation in the United States and around the world today [is that] the smart grid is the next big thing… the reality, he writes, is more sobering. Instead of a disruptive technology poised to transform the power sector, he argues, we should expect a more evolutionary change toward a ‘smarter’ grid, with more modest results.”
  • Massoud Amin: “there have been an increasing amount of outages per year in the US, and a smart grid could reduce the costs of outages by about $49 billion per year.”

As seen above, forecasts for the US smart grid market appear to be generally positive. Analysts like Lawrence Makovich seem more cynical than others about the smart grid’s transformative powers, but even he is cautiously optimistic.

International Outlook

The international market for smart grid technology in the future appears to be even more explosive than in the United States.

Future international market for smart grid technology

China is expected to be a major player in this area, investing around $100 billion into upgrading its power infrastructure. It also appears to have taken the lead in government spending on smart grid projects at $7.3 billion, while several other nations in the region are expected to spend $28.8 billion on smart grid projects by 2017.

Security: The Achilles Heel

Although most analysts agree on the general short-term health of the industry, there are some signals that raise concern. Electric Light & Power indicates that the momentum of smart grid development declined in the first half of 2011, and the “weakest link in smart grid’s development has been the lack of attention to automating and modernizing the transmission and distribution network”, according to the smart grid blog Memoori.

However, the biggest risk and potentially limiting factor for progress toward widespread smart grid adoption is security. The smart grid market is serious business with potentially disastrous consequences if it is not implemented correctly. Rolf Adam of Cisco sums up the situation: “From an IT environment security perspective, it’s a nightmare”.

Evidence suggests that he isn’t the only one concerned as fear of an infrastructure attack is on the rise among business executives. In a survey conducted by McAfee, 40 percent of executives surveyed said that their company was not prepared for an attack.

The security of the smart grid is increasingly being brought into question

Over the past year, the security of the smart grid has increasingly been brought into question. The primary concern is that an attacker might be able to exploit vulnerabilities in the hyper-connected grid to cause mass blackouts. VentureBeat highlights why so many industry experts are concerned: “increasing automation and communications within the electricity grid potentially has a dark side; increased vulnerability to attack.” Ironically, as the grid gets smarter it becomes less secure.

Is anything being done to combat this future threat? What is the biggest future security threat for the smart grid?

Long-term security threats facing the smart grid

The good news is that governments are aware of the problem and resources are being mobilized to combat it. A report by Pike Research, “anticipates that government and regulatory compliance will drive substantial investment in smart grid cyber security”. The group also expects the smart grid cyber security market to reach $3.7 billion by 2015.

Will billions of dollars in cyber security investment solve the problem? Perhaps not. It appears that the biggest problem facing the power grid is non-technical in nature. According to one former government official, “Ninety to 95 percent of the people working on the smart grid are not concerned about security and only see it as a last box they have to check”.

If no one cares about security, it is reasonable to conclude that the system will not be secure, and the New York Times recently highlighted this same point when it said that, “utilities are very reluctant to share information about security vulnerabilities due to liability issues”. It appears that utilities are not encouraging a culture of security around the smart grid. As a result, this could have disastrous consequences for the long-term future of the smart grid.

Conclusion

The smart grid market is a potentially lucrative space, and both the US and international markets are expected to grow substantially over the next decade. Yet, the security concerns are significant enough that they can be expected to slow down progress.

Are you following the smart grid market? Interested in the future of Advanced Metering Infrastructure (AMI) or Meter Data Management (MDM)? Take a look below and see what future projects these companies are working on.

Advanced Metering Infrastructure (AMI):


Analytics:

Demand Response:

Meter Data Management (MDM):

Personal Energy Management (PEM):


Anonymous Warns Facebook and Other Hacker Threats

Threats surfaced this week from supposed members of hacktivist group Anonymous about plans to destroy Facebook on November 5. The claims sparked a variety of commentary about the individuals’ legitimacy, true affiliations, and capability to carry out such an attack.

While we can’t clear up any of those uncertainties, the reporting does present an opportunity to look forward over the rest of the year in an effort to identify predicted or speculative events that might indicate threat of cyber attacks. We’ve compiled future events for a group of entities related to hacker organizations for viewing on a timeline below to identify potential dates of interest:

Anonymous Threatens Facebook November

Rest of the year related to major hacktivist groups

While these points in time don’t necessarily mean a disturbance will occur, it’s worth keeping them in sight for risk analysis purposes. This seems especially true given that Anonymous has not been shy about announcing ahead of time their intentions to attack government web properties. This is evidenced by several cases this year in which statements were made prior to targeting sites belonging to Iran, UK, and New Zealand.

Want to follow along with the news? Visit the current results and select “Create Future” to keep tabs on events predicted for the rest of this year related to Anonymous, LulzSec, hackers and more.

