How weaponizing disinformation can bring down a citys power grid


Abstract in English

Social technologies have made it possible to propagate disinformation and manipulate the masses at an unprecedented scale. This is particularly alarming from a security perspective, as humans have proven to be the weakest link when protecting critical infrastructure in general, and the power grid in particular. Here, we consider an attack in which an adversary attempts to manipulate the behavior of energy consumers by sending fake discount notifications encouraging them to shift their consumption into the peak-demand period. We conduct surveys to assess the propensity of people to follow-through on such notifications and forward them to their friends. This allows us to model how the disinformation propagates through social networks. Finally, using Greater London as a case study, we show that disinformation can indeed be used to orchestrate an attack wherein unwitting consumers synchronize their energy-usage patterns, resulting in blackouts on a city-scale. These findings demonstrate that in an era when disinformation can be weaponized, system vulnerabilities arise not only from the hardware and software of critical infrastructure, but also from the behavior of the consumers.

Download