Slashdot Mirror

← Back to Stories (view on slashdot.org)

Smart Electricity Meters Can Be Dangerously Insecure, Warns Expert (theguardian.com)

Posted by BeauHD on from the consider-this-a-warning dept.

An anonymous reader quotes a report from The Guardian: Smart electricity meters, of which there are more than 100 million installed around the world, are frequently "dangerously insecure," a security expert has said. The lack of security in the smart utilities raises the prospect of a single line of malicious code cutting power to a home or even causing a catastrophic overload leading to exploding meters or house fires, according to Netanel Rubin, co-founder of the security firm Vaultra. If a hacker took control of a smart meter they would be able to know "exactly when and how much electricity you're using," Rubin told the 33rd Chaos Communications Congress in Hamburg. An attacker could also see whether a home had any expensive electronics. "He can do billing fraud, setting your bill to whatever he likes [...] The scary thing is if you think about the power they have over your electricity. He will have power over all of your smart devices connected to the electricity. This will have more severe consequences: imagine you woke up to find you'd been robbed by a burglar who didn't have to break in. "But even if you don't have smart devices, you are still at risk. An attacker who controls the meter also controls the meter's software, allowing him to cause it to literally explode." The problems at the heart of the insecurity stem from outdated protocols, half-hearted implementations and weak design principles. To communicate with the utility company, most smart meters use GSM, the 2G mobile standard. That has a fairly well-known weakness whereby an attacker with a fake mobile tower can cause devices to "hand over" to the fake version from the real tower, simply by providing a strong signal. In GSM, devices have to authenticate with towers, but not the other way round, allowing the fake mast to send its own commands to the meter. Worse still, said Rubin, all the meters from one utility used the same hardcoded credentials. "If an attacker gains access to one meter, it gains access to them all. It is the one key to rule them all."

5 of 163 comments (clear)

  1. O RLY? by ColaMan · · Score: 4, Informative

    So, a house fire traced back to a faulty meter means that they can be 'hacked to literally explode'. Excellent extrapolation there guys.

    Smart meters may - or may not - have a relay to control loads on a different tariff than the usual "always on 24/7" one. They may possibly be hacked to turn this relay on - or off, making them a bit of a nuisance.

    But explosions? Or house fires even? A bit hard to believe.

    --

    You are in a twisty maze of processor lines, all alike.
    There is a lot of hype here.
  2. Re:Overload, really?? by Highdude702 · · Score: 3, Informative

    Thank you, Im an electrician by trade. I have had people ask me to do crazy shit.. like in tower work they want a wire going from one wall in a room to another wall in a room, the floor and ceiling is concrete. Ofcourse they dont want you to cut holes though. i have actually told customers i didnt like much, "Im an electrician not a magician" and that cant be done with out damage. i was reading the summary and wondered how in the world it could cause the meter to explode, and i cant figure out what kindof hardware setup inside could make it explode. Now on the other hand, if each leg of power has a separate contact switch, and they are controlled separately you could in theory kill alot of the electronics in a home and set ones that dont have protection on fire if they can disconnect the neutral wire only and leave the power legs on. But in most meterpanels the neutral wire is put onto a busbar that does not disconnect. or the other way would be to turn one of the legs of power off and hope for the worst, which would only effect 220V+ equipment(electric stove or oven, air-conditioner) and even then it would depend on how the device was built.

  3. I have worked on parts of power meters and this by gemtech · · Score: 4, Informative

    is a load of crap. These are state machines, typically written in embedded C. There are typically current transformers that have a large winding ratio, even if the electronics/firmware screws up there is no back driving the power line. And no relays. This guy has been watching too much Hollywood.

    --
    Insanity: doing the same thing over and over again and expecting different results. Albert Einstein
  4. Re:Old news is still news... by Darinbob · · Score: 4, Informative

    They HAVE been addressed. They were addressed before he brought up the issues. There is more than one maker of smart meters out there, you don't judge all autos based on the Yugo, so why brand all smart meters based upon the worst ones?

    I've been in this industry for 7 years, and the way the uses "most" in every other paragraph is silly. But then you could count cheap Chinese mobile phones sold by the bucket to claim that most smart phones were poorly made, unreliable, and liable to catch fire.

    We have security penetration testers sniffing through our source code and coming up with very obscure bugs which we're required to fix before release. We've had to cajole customers into turning on security (there's a bit of fear of being locked out). Yes good security is expensive but it brings in revenue also as it's a major selling feature. It's may be easier to hack the utility's back office than to hack the meters.

    This is not to say that security is good enough. Of course, we need to do better. We need to do better at everything as far as security goes.

  5. Re:Old news is still news... by tlhIngan · · Score: 3, Informative

    In this case the most obvious way to do better is not use 'smart' meters. They're not saving us any money. And without seeing that spinning wheel, I can't tell how fast I'm consuming the electricity. The old meters are secure and robust. Why try to 'fix' what ain't broke?

    Well, the reason is several.

    First, in places where there's electricity theft, smart meters allow for detection - if you measure the power consumed in a neighbourhood, the sum of the power consumed by each house should tally up. If not, then they investigate.

    As for seeing how much you consume, it's actually easy. Most meters have a "virtual wheel" or a blinking light. The virtual wheel is on the display and just moves like the old wheel does, though it is a bit smaller. If it's a light, then each blink represents a fixed unit of kWh - you need to refer to the meter to find the metrological number which tells you how much kWh each pulse represents.

    And if not that, a log into the website often can tell you your current usage. Some even sell you a device that lets you remotely monitor the meter - which can tell you your current usage, the current reading, etc.

    Most smart meters are properly designed - the reason it's a light is because the measurement board just gives a pulse every fixed kWh consumed and that's the only communications available. The electronics board tallies up the count and displays it. Hack the meter and ...? There's no connection to the measurement board - it just receives pulses.

    As for the communications options, some use a proprietary WiFi that's 802.11g-based, but at 900MHz, others are using a 3G cellular network. Others use regular WiFi. So "da evil smart meter waves" are basically cordless phones/garage door/etc (900MHz ISM shared military radar), cellphone or WiFi.

    Granted, there are probably some options used in other parts of the world - though a full power disconnect is rare because of the cost of ab appropriate contactor (usually either a liquid or gas insulated contactor) but those are usually separate devices due to cost.