Smart Electricity Meters Can Be Dangerously Insecure, Warns Expert

An anonymous reader quotes a report from The Guardian: Smart electricity meters, of which there are more than 100 million installed around the world, are frequently "dangerously insecure," a security expert has said. The lack of security in the smart utilities raises the prospect of a single line of malicious code cutting power to a home or even causing a catastrophic overload leading to exploding meters or house fires, according to Netanel Rubin, co-founder of the security firm Vaultra. If a hacker took control of a smart meter they would be able to know "exactly when and how much electricity you're using," Rubin told the 33rd Chaos Communications Congress in Hamburg. An attacker could also see whether a home had any expensive electronics. "He can do billing fraud, setting your bill to whatever he likes [...] The scary thing is if you think about the power they have over your electricity. He will have power over all of your smart devices connected to the electricity. This will have more severe consequences: imagine you woke up to find you'd been robbed by a burglar who didn't have to break in. "But even if you don't have smart devices, you are still at risk. An attacker who controls the meter also controls the meter's software, allowing him to cause it to literally explode." The problems at the heart of the insecurity stem from outdated protocols, half-hearted implementations and weak design principles. To communicate with the utility company, most smart meters use GSM, the 2G mobile standard. That has a fairly well-known weakness whereby an attacker with a fake mobile tower can cause devices to "hand over" to the fake version from the real tower, simply by providing a strong signal. In GSM, devices have to authenticate with towers, but not the other way round, allowing the fake mast to send its own commands to the meter. Worse still, said Rubin, all the meters from one utility used the same hardcoded credentials. "If an attacker gains access to one meter, it gains access to them all. It is the one key to rule them all."

How on Earth

[MasseKid]

How on earth is software going to make a meter explode?

Re:Would the Rust programming language help?

[guruevi]

Insecurity of these devices is not something the language used to program can fix. Whether it's in Rust or in C, you can write very insecure code on any platform, Rust just tries to prevent common mistakes in C so buffer overflows are 'caught', Java or Objective C has similar safeguards as Rust resulting in similar problems.

Both Perl and Ruby have very strict tainted variable constructs for example, it's almost impossible to not clean the data received from outside the program but that doesn't make your code invincible to SQL injection.

Re:Would the Rust programming language help?

[l0n3s0m3phr34k]

These devices have issues on a MUCH "higher level", SQL injections are the least of their issues. GMS, grid-wide passwords...I'm assuming no encryption at all for the signals. It looks like one doesn't even need to get into any code-specific exploits...just a 2G GSM transmitter and some protocals, and maybe a list of commands. Pull up next to someone's house, hijack the signal and probably get the meter itself to just explode.

If properly exploited, this will be a "virtual" WMD in WWIII. A bit of code, replicated out across the tower network, once triggered could potentially start millions of simultaneous house fires across the USA, and knock out most urban power grids. A few minutes later, trigger other code at the power plants to do something similar. Like a STUXNET but aimed at the electrical grid and smart meters.