
Security Holes Found In "Smart" Meters

Posted by timothy
from the intentional-bottleneck dept.
Hugh Pickens writes "In the US alone, more than 8 million smart meters, designed to help deliver electricity more efficiently and to measure power consumption in real time, have been deployed by electric utilities and nearly 60 million should be in place by 2020. Now the Associated Press reports that smart meters have security flaws that could let hackers tamper with the power grid, opening the door for attackers to jack up strangers' power bills, remotely turn someone else's power on and off, or even allow attackers to get into the utilities' computer networks to steal data or stage bigger attacks on the grid. Attacks could be pulled off by stealing meters — which can be situated outside of a home — and reprogramming them, or an attacker could sit near a home or business and wirelessly hack the meter from a laptop, according to Joshua Wright, a senior security analyst with InGuardians Inc, a vendor-independent consultant that performs penetration tests and security risk assessments."
"Wright says that his firm found 'egregious' errors, such as flaws in the meters and the technologies that utilities use to manage data (PDF) from meters. For example, smart meters encrypt their data but the digital 'keys' needed to unlock the encryption are stored on data-routing equipment known as access points that many meters relay data to so stealing the keys lets an attacker eavesdrop on all communication between meters and that access point (PDF). 'Even though these protocols were designed recently, they exhibit security failures we've known about for the past 10 years,' says Wright."
  • by cryoman23 (1646557) on Sunday March 28, 2010 @08:21AM (#31646560)
    Didn't the Chinese warn us? I mean it wasn't too long ago that I read an article here about some Chinese guy warning us about a flaw in our power grid....
  • by peragrin (659227) on Sunday March 28, 2010 @08:34AM (#31646612)

    Um, no. With the old meters you can't jack up someone's power bill without shattering the glass globe which surrounds it. And you can't use a laptop to shut off their power. You have to physically cut the cables, which leaves marks.

    So it isn't the same situation. Breaking a physical lock leaves traces. Using a laptop to hack the meter and kill power to each house doesn't leave a lot of marks that can be traced.

  • by Minupla (62455) <minupla@@@gmail...com> on Sunday March 28, 2010 @08:57AM (#31646698) Homepage Journal

    Locally they brought time of day usage, so if I do my laundry at night, I pay less than half what I do if I run it in prime time. Arguably this is a benefit all around:

    * Consumers win with the option of lower pricing
    * The Power generators win because their loads are more balanced, and they need to build fewer power plants (locally we have 3 nukes that only run for 3 days of the year for peaks)
    * The environment wins as an offshoot of point #2

    Min

  • by Securityemo (1407943) on Sunday March 28, 2010 @08:58AM (#31646704) Journal
    I've read through both PDFs, and they really go into a lot of detail on the experimental methodology. The main thing they seem to be concerned about (and the only vulnerability they detail) is extracting the encryption keys from the meter firmware ("some" meters) and reverse-engineering the command protocol. While this could be a threat, being able to turn off/manipulate individual home meters isn't going to have any far-ranging effects beyond that. It also, obviously, requires a lot of reverse-engineering skill. I'd be more concerned with someone packaging this into a bluebox-style solution for manipulating your own meter, giving you free power? Earlier in the methodology report they talk about IR ports and similar being unsecured due to the perceived unlikelihood of attacking them, but they don't detail anything about that in the presentation PDF. That would be easier to exploit, though, so they might be keeping a lid on the more critical vulns?
  • by sourcerror (1718066) on Sunday March 28, 2010 @09:56AM (#31646940)

    Authentication is still needed, otherwise some funny guys can pump up your bills.

  • by broomer (209132) on Sunday March 28, 2010 @10:17AM (#31647042)

    The IR is also using a simple RS232 interface (9600,8,n,1) with some fixed password XOR encryption.
    I did program (move program into device, set clock, set tariffs) / analyse (= read fault reports) / readout (check readings) these some years ago in a factory which made them for the European market.

    I did not have the time to break the encryption, but had some work on coupling these things to GPRS modems. Wired connection used the same encryption back then.

    just using a breakoutbox and a second PC-port sniffing the serial data.
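
Added example, not part of any comment above and not any meter vendor's code: why a fixed-password XOR scheme of the kind described in the preceding comment gives neither confidentiality nor integrity, and what the authentication asked for a few comments earlier adds (HMAC tag plus replay counter). The password, MAC key and frame layout are constructed for the demonstration.

```python
import hashlib
import hmac
from itertools import cycle

# Constructed values: password, MAC key and frame text are invented for this demo.
PASSWORD = b"M3TER"
MAC_KEY = b"constructed-per-device-demo-key"

def xor_fixed(data: bytes, password: bytes = PASSWORD) -> bytes:
    """Repeating fixed-password XOR; the same call encrypts and decrypts."""
    return bytes(b ^ k for b, k in zip(data, cycle(password)))

def recover_keystream(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """C xor P = K, so any frame with predictable content exposes the password."""
    return bytes(c ^ p for c, p in zip(ciphertext, known_plaintext))

def tamper(data: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """XOR is malleable: a known field can be rewritten without the password."""
    out = bytearray(data)
    for i, (o, n) in enumerate(zip(old, new)):
        out[offset + i] ^= o ^ n
    return bytes(out)

def seal(frame: bytes, counter: int, key: bytes = MAC_KEY) -> bytes:
    """Prefix a 4-byte counter and append an HMAC-SHA256 tag over both."""
    msg = counter.to_bytes(4, "big") + frame
    return msg + hmac.new(key, msg, hashlib.sha256).digest()

def open_sealed(blob: bytes, last_counter: int, key: bytes = MAC_KEY):
    """Return the frame, or None if the tag is wrong or the counter is replayed."""
    msg, tag = blob[:-32], blob[-32:]
    expected = hmac.new(key, msg, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    if int.from_bytes(msg[:4], "big") <= last_counter:
        return None
    return msg[4:]

def demo() -> dict:
    frame = b"SET CLOCK 2010-03-28T10:17"          # constructed sample frame
    ct = xor_fixed(frame)
    sealed = seal(frame, counter=7)
    forged = tamper(sealed, 4 + 10, b"2010", b"1999")
    return {
        "password_leaked": recover_keystream(ct, frame)[:len(PASSWORD)] == PASSWORD,
        "xor_accepts_tamper": xor_fixed(tamper(ct, 10, b"2010", b"1999")),
        "mac_rejects_tamper": open_sealed(forged, last_counter=6) is None,
        "mac_rejects_replay": open_sealed(sealed, last_counter=7) is None,
        "mac_accepts_fresh": open_sealed(sealed, last_counter=6) == frame,
    }
```

The MAC only addresses integrity and replay; confidentiality would still need a real cipher with per-device keys rather than one shared password.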

  • by a_ghostwheel (699776) on Sunday March 28, 2010 @10:24AM (#31647066)
    Not really a direct answer to your question, but I use TED-5000 from http://www.theenergydetective.com/index.html [theenergydetective.com]. So far I found a rather precise correlation between data from it and bills from electric company.
  • by Anonymous Coward on Sunday March 28, 2010 @10:47AM (#31647236)

    Which begs the question, why are they not getting up off their asses and building more power generation plants as opposed to whining and crying which eventually leads to these stupid harebrained ideas in the first place.

    Save money by cycling your AC indeed. The MONEY *IS* the incentive, not the SAVING.

    The problem we have is our leaders have sold us out, instead of pre-planning ahead, and taking actions to prevent destruction, they scam the system, their lives revolve around re-election finance, the ONLY time they take action is when it's forced because something breaks (because they had NO PLAN AT ALL) and we have another disaster which has to be fixed with another fucking OVER budget debt.

    Then they get out there and say they didn't know. They KNOW, they are ENCOURAGING this crap.

  • by pnewhook (788591) on Sunday March 28, 2010 @02:24PM (#31649010)

    That's good that you don't listen to Fox. Because Roger Ailes (chief of Fox News) has publicly stated that he's not interested in accuracy, only ratings. This results in things like with the health care debate, where Fox creates the controversy to create a story for ratings.

  • I'm not sure about the wireless hacking from a laptop mentioned in TFS, but, as far as RF transmissions, these things can generate plenty of spread-spectrum modulation EMF when modulating the 240kHz signal carrier on wire.
    There's a good discussion about eliminating ground loops so as to avoid broadcasting the signal as a source of interference at the Technical Library [techlib.com]; I suppose one could always use an induction [techlib.com] receiver [techlib.com] to go the other direction, using a loop [techlib.com] antenna [hard-core-dx.com]. Obviously, modification of the above designs is needed for target frequency band. AM radio circuits might be a good place to start, too.
    Actually, there are tons of good MW box loop [brneurosci.org] designs that already go well below 240kHz; that page includes a calculator [brneurosci.org], and playing with some quick numbers suggests a 48cmX65cm frame [=56.5cm side length] for a 16-turn coil extending 21cm in length in parallel with four 470pF caps gives us resonance at 245kHz. Of course, with 20% tolerance ceramic discs, you may want to replace one of the 470's with a 4-40pF variable cap in parallel with anywhere from a 150pF to a 39pF paralleled with a 560pF, depending on how low or high the 470's are measuring.

    [Disclaimer: I am an RF amateur.]

  • by Jedi Alec (258881) on Sunday March 28, 2010 @03:22PM (#31649494)

    Those were only effective on meters that use a spinning disc. All the new ones are digital and either the magnetism won't do shit or mess them up completely.

  • by jeff4747 (256583) on Sunday March 28, 2010 @03:47PM (#31649682)

    Wait...you're on Slashdot, yet you have a wife? And she's a geek too?

    That's awesome, but isn't that like, one of the signs of the Apocalypse?

    No, a wife that's a geek and a gamer is a sign of the Apocalypse.

    So the Apocalypse will be happening sometime after my wedding in July.

  • by Anonymous Coward on Sunday March 28, 2010 @05:00PM (#31650228)

    You are close as 20% of power plants are only used 10 days a year, however I can assure you that nukes aren't being used as you describe. Nuclear power plants are base load generating plants and will always run along with hydro plants. Most peaking plants are natural gas fired as they can be turned off and on easily. Nuclear plants take better than a day just to get up to full power as do coal plants.
