I can’t recall that electric meters were ever referred to as “dumb meters”, nevertheless, we now have a new breed of meters that the industry is calling “smart meters”. But are they really?
More to the point, are we being smart in adopting this new technology without a complete and probing review of the security implications posed by the rush to implement this technology? (I was forced to accept the installation of a smart meter earlier this year).
Smart Meters, on the face of it, sound ultra cool. A Smart Meter, by definition, can monitor electricity usage and communicate with your electricity supplier. The supplier will then bill you on factors that include your consumption, cost adjusted, based on the time of day and the season. Use during high demand, or peak periods, will cost more money.
The stated objective is – billing consumers by how much electricity is consumed, and at what time of day, will force us to adjust our consumption habits to be more responsive to perceived savings, or additional costs. Hopefully, according to energy gurus, this will delay or eliminate the construction of additional generating facilities, and the associated environmental costs.
So what could be the downside to getting on board the speeding locomotive called the “green movement”, which is designed (we’re told), to make all of us more environmentally conscious?
Well here’s the rub with smart meters – according to industry sources, communication technologies being considered, or already in use for smart meters, include cell and pager networks, licensed radio or unlicensed radio, power line communication, and others.
So here’s my question – haven’t we learned anything when it comes to cost benefit and risk association?
The one indisputable commonality of communication technologies is this: each and every one can be intercepted, or hacked – and hacked easily.
Should we worry, should we be concerned, that the major lifeline (try living without electricity), to our way of life can, or will, be compromised? You bet!
In a recent article “Building the Smart Grid: Proven Methods to Secure the Future” by Joshua Pennell and Michael Davis, of security firm IOActive
“IOActive researchers were able to identify multiple programming errors on a series of smart meter platforms ranging from the inappropriate use of banned functions to protocol implementation issues.
The research team was able to “weaponize” these attack vectors, and create an in-flash rootkit, which allowed them to assume full system control of all exposed smart meter capabilities, including remote power on, power off, usage reporting, and communication configurations.
The initial attack vector could also be leveraged to deploy a worm, much like the Blaster worm that wreaked havoc on computer systems in 2003. The consequences of such threats are potentially widespread and devastating”.
…… cyber security experts said some types of meters can be hacked, as can other points in the Smart Grid’s communications systems. IOActive, a professional security services firm, determined that an attacker with $500 of equipment and materials and a background in electronics and software engineering could “take command and control of the (advanced meter infrastructure) allowing for the en-masse manipulation of service to homes and businesses.”
Experts said that once in the system, a hacker could gain control of thousands, even millions, of meters and shut them off simultaneously.
A hacker also might be able to dramatically increase or decrease the demand for power, disrupting the load balance on the local power grid and causing a blackout. These experts said such a localized power outage would cascade to other parts of the grid, expanding the blackout. No one knows how big it could get.
Not worried yet? Then you should be. If you’re unfamiliar with the prevalence of hacking and cybercrime, let me offer you this quote from my good friend TechPaul, “The Internet shadow economy is worth over $105 billion/year. No country, no person, no business and no government is immune from Cybercrime”.
I find it impossible to believe that cyber criminals will not take advantage of the enormous attack surface that smart meters will present. These are the same cyber criminals, who frequently hold individual Internet connected computers for ransom using a vicious form of malware.
I don’t know about you, but I’m very tired of being held as a “hostage to fortune” in a present, and a future, created by and large, by the same illogical thinking patterns and by the same careless people (I’m being kind here), who in many cases, are responsible for the economic meltdown we are now forced to deal with.
Whatever happened to the application of logic? We need to stop listening to these morons – right now. They certainly don’t have your best interest at heart.
If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.