Late in January, cyberthieves stole about €30 million worth of carbon allowances from several national registries of the European Union’s Emissions Trading Scheme (ETS). As a result, EU carbon offset trading, “a cornerstone of the European Union’s policy to combat climate change,” according to the ETS site, has been shut down for over a week.
The national registries, which are government agencies, did not discover the thefts. Blackstone Global Ventures first noticed that their allowances had been stolen from the Czech registry. Their website has the following notice:
Stolen EUA. Yesterday at 12 CET 475 000 allowances were unlawfully removed from our account with the Czech registry (OTE). We are doing our outmost [sic] to resolve the problem and want to make all market participants aware of the incident. Please find the serial ID numbers in the following link: SerialIDs.pdf
There is no central registry of EU carbon allowances, even though they are traded as a single market. Each nation manages and secures its own registry as it sees fit. In addition to the Czech Republic, allowances were missing from the national registries of Austria and Greece. The Czech thefts coincided with a bomb threat that forced the evacuation of the registry’s building, timing that suggests a deliberate diversion and possibly insider collusion.
How could the national registries have known that they would be targeted? Easily. This wasn’t the first attack.
In February 2010, a phishing attack stole 250,000 carbon allowances, worth over €3 million at the time, forcing 13 national registries to close. The attack was elementary. Phishers sent a phony email asking traders to log on and revalidate their account details. The link in the email led to a bogus website that captured the traders’ logon IDs and passwords. The attackers then logged on as the traders, transferred the allowances to accounts they controlled, and quickly sold them. Nothing beyond the password stood between a stolen credential and a final, irreversible transfer: no second factor at logon and no out-of-band confirmation of the transfer itself.
After the February 2010 attack was discovered, administrators of the ETS promised a “security review”. In light of the current attack, either the review’s recommendations had not yet been deployed or they were deployed and did not work; neither is reassuring. Regardless, the ETS had already been attacked one year earlier, and the registries had a year’s warning.
Two days after the most recent attack – while the ETS was still closed – an ETS governance committee convened to propose a ban on trading in certain carbon allowances from Asia. Trading governance continued unabated even as trading was impossible. Business went on as usual in the midst of a cyber attack, with no visible incident response, suggesting that the ETS may not have a Business Continuity Plan.
What is the real problem here? Just like Smart Grids, no one is in charge of cyber security. No one person or body owns the end-to-end security of the ETS. Each of the many and varied players is allowed to secure its systems as well (or as poorly) as it chooses. Meanwhile, these variously secured systems are linked to form a single marketplace. Security is only as strong as its weakest link, and the criminals have found the weakest link. Twice.
The answer, which the ETS appears to have identified, is to centralize security, or at the very least to centralize security policy, so that in time all national registries will have a consistent level of protection. “In time” appears to mean “in 2013” – so there remain two more years of inconsistent protection. Still, there’s a plan to centralize protection.
Now – how do we accomplish the same objective for smart metering?