Thursday, April 12, 2012

Smart meter hacks likely to spread

Miscreants are reprogramming meters to report less power usage, for a fee

A series of hacks perpetrated against so-called "smart meter" installations over the past several years may have cost a single electric company hundreds of millions of dollars annually, the FBI said in a cyber intelligence bulletin obtained by KrebsOnSecurity. 

The US law enforcement agency said this was the first known report of criminals compromising the hi-tech meters, and that it expected this type of fraud to spread across the country as more utilities deploy smart grid technology. Smart meters are intended to improve efficiency, reliability, and allow the electric utility to charge different rates for electricity at different times of day. 

Smart grid technology also holds the promise of improving a utility's ability to remotely read meters to determine electric usage. Advertisement: Story continues below But it appears that some of these meters are smarter than others in their ability to deter hackers and block unauthorised modifications. 

The FBI warns that insiders and individuals with only a moderate level of computer knowledge are likely able to compromise meters with low-cost tools and software readily available on the internet. Citing confidential sources, the FBI said it believed former employees of the meter manufacturer and employees of the utility were altering the meters in exchange for cash and training others to do so. "These individuals are charging $300 to $1000 to reprogram residential meters, and about $3000 to reprogram commercial meters," the alert states. 

The FBI believes that miscreants hacked into the smart meters using an optical converter device - such as an infrared light - connected to a laptop that allows the smart meter to communicate with the computer. After making that connection, the thieves changed the settings for recording power consumption using software that can be downloaded from the internet. 
"The optical converter used in this scheme can be obtained on the internet for about $400," the alert reads. "The optical port on each meter is intended to allow technicians to diagnose problems in the field. This method does not require removal, alteration, or disassembly of the meter, and leaves the meter physically intact." 
The bureau also said another method of attacking the meters involved placing a strong magnet on the devices, which caused it to stop measuring usage, while still providing electricity to the customer. 
"This method is being used by some customers to disable the meter at night when air-conditioning units are operational. The magnets are removed during working hours when the customer is not home, and the meter might be inspected by a technician from the power company." 
"Each method causes the smart meter to report less than the actual amount of electricity used. The altered meter typically reduces a customer's bill by 50 per cent to 75 per cent. Because the meter continues to report electricity usage, it appears be operating normally. Since the meter is read remotely, detection of the fraud is very difficult. A spot check of meters conducted by the utility found that approximately 10 per cent of meters had been altered." 
"The FBI assesses with medium confidence that as Smart Grid use continues to spread throughout the country, this type of fraud will also spread because of the ease of intrusion and the economic benefit to both the hacker and the electric customer," the agency said in its bulletin.
The hacks described by the FBI do not work remotely, and require miscreants to have physical access to the devices. They succeed because many smart meter devices deployed today do little to obfuscate the credentials needed to change their settings, according to Tom Liston and Don Weber, analysts with InGuardians, a security consultancy based in Washington, DC. 

Liston and Weber have developed a prototype of a tool and software program that lets anyone access the memory of a vulnerable smart meter device and intercept the credentials used to administer it. Weber said the toolkit relied in part on a device called an optical probe, which can be made for about $US150 in parts, or purchased off the internet for roughly $US300. 
"This is a well-known and common issue, one that we've warning people about for three years now, where some of these smart meter devices implement unencrypted memory," Weber said. 
"If you know where and how to look for it, you can gather the security code from the device, because it passes them unencrypted from one component of the device to another."
The two researchers were slated to demo their smart meter hacking tools at the Shmoocon security conference. Utilities have to be more enterprise security-aware. With these incidents at organisations of any size or age, the first reaction is to cover it up. The thinking is if we keep this kind of thing secret, nobody will find it or exploit it. But for those of us who are inside the industry, and have been at this long enough, the only way we're going to fix a security problem is to expose it.

Australia has approximately 1.5 million smart meters installed, according to telecommunications analyst Paul Budde, founder of Smart Grid Australia, an industry alliance working on Australia's Smart Grid-Smart City electricity network upgrade project. Approximately 1 million are deployed in Victoria, the state chosen as the test site for the country, he said. 

Budde said the hacking of smart meters was among the issues electricity companies would work to prevent. 
"Obviously as soon as you start adding communications to the [electricity] network there are possibilities of others getting access to it as well. It applies to everything that has to do with communications. Smart grids and smart meters are also affected by that."
But [the risk] is very well understood now; companies involved are making sure there's security in place to make it less [likely] to happen." Budde said the US was one of the first countries to rollout smart meters and learnings from the North American experience were shared among all countries working on smart grids. "Other electricity companies can learn from that," Budde said.

Refer here to read further details.

No comments: