Wednesday, January 06, 2010

Vulnerability of "Smart Meters" to Malicious Computer Hacking

In the movie "Utilities," a Canadian comedy, the utility's mainframe computer is rejiggered to generate refunds instead of bills by a social worker enraged by the utility's harsh treatment of his old, disabled, impoverished client, who died in the cold after a shutoff of service despite best efforts to pay her bill. The plot involves Topkapi style trespass and penetration of the utility's secure computer center to accomplish the nefarious task.

The job of messing with utility information systems may not be so hard if utilities deploy "smart" meters as is now the rage, without adequate security.

One of the risks of rushing to install "smart" meters is that these are basically computers with communications capability - in some ways analogous to the familiar computers we work with at our homes and offices.

Are the new "smart" meters as vulnerable to mischief as our home and office computers? Can miscreants "hack" into the devices to change or destroy the billing and usage data, trigger remote power shutoffs, or introduce malicious viruses and software "worms" to damage or redirect the functions of the meters?

According to a recent article, a cyber security expert has demonstrated that the "smart" meters might be vulnerable to such "hacking":
At the Black Hat security conference, Mike Davis, a senior security consultant for IOActive, demonstrated how his security team simulated the hacking of 16,000 out of 22,000 smart meters over a 24-hour period. They used a worm, a software patch, that gave IOActive the control to turn power on and off at one-second intervals at 16,000 homes.

"We could have put anything in that worm we wanted as a payload," said Davis. "We did not have enough room in the smart meter to fit our code so we had to dump some functionality out for our worm to work. The functionality we dumped was the ability to wirelessly update the devices. That would have locked out the utility from wirelessly updating the devices."

* * * * One feature in many devices is a remote disconnect that allows the utility to wirelessly disconnect an individual meter from the grid. "The nature of the worm we demonstrated is the danger that we were able to propagate it without the need for the utility. If we propagated it to hundreds of thousands of meters, we would have the ability to disconnect those," Davis said.

**** Because meters are wirelessly linked by radio frequency with a one- to two-mile range, worms or disabling viruses could hop from service area to service area on interoperable metering systems.

What are the consequences of hundreds of thousands without power? Someone would have to figure out how the meters are being exploited, create and test a corrective patch and, if firmware is compromised, individually deploy patches to every affected household.

Mike Breslin, Nitty Gritty of Cyber Security - The Offense: Smart Meter + Slot Machine Security, Intelligent Utility, November/December 2009.

See the Comments and Reply Comments of NASUCA to U.S. Department of Energy requests for information regarding "Smart Grid" initiatives.

No comments: