Holes in the grid

Posted on by

I wrote back on 10/21/09 and 12/16/09 about “smart grid” technology, where you and the power company can monitor your electricity usage on a minute-by-minute basis. Well, I prophesied that the electric company will take control of your meter and control your house. It turns out I was close: AP Exclusive: ‘Smart’ meters have security holes.

The article goes on to explain about well known and very old security exploits that hackers can exploit to run your bill up, down, or even turn your power off entirely.

 [Joshua] Wright said his firm found “egregious” errors, such as flaws in the meters and the technologies that utilities use to manage data from meters. “Even though these protocols were designed recently, they exhibit security failures we’ve known about for the past 10 years,” Wright said.

They are rolling out a couple million of these meters each year, and you could drive a semi- through the security holes, and I’m supposed to feel safe? I don’t think so.

There are few public studies on the meters’ resistance to attack, in part because the technology is new. However, last summer, Mike Davis, a researcher from IOActive Inc., showed how a computer worm could hop between meters in a power grid with smart meters, giving criminals control over those meters.

 A worm is a self-replicating program that does not require human intervention (No one needs to download or run the infected file) and will continue to spread until activated.

 This is certainly not giving me the warm and fuzzies. I keep my systems updated with the latest firewalls, Anti-viral programs and I stay away from websites where there is nothing there but worms and virus downloaders.

 But when it comes down to it, what can you do? It’s not like I have the money to spend on a generator and gas to run it if I tell MLGW to go and take their smart meter somewhere else.

 And hackers are like suicide bombers. They are determined to make to their targets and there is very little you can do to stop them from getting to that target. Once they get there, they cause maximum damage. Imagine a country filled with “smart” meters, and you get control of them. You could shut the entire grid down.

 Like the man said, “Just because you can do something, does not mean that you should do it.”

Comments are closed.