Ask your favorite sysadmins or IT experts about computer security and you’re likely to get more of an earful than you bargained for (with a healthy dash of paranoia thrown in for good measure). Why? Because years of outwitting hackers, guarding against malicious code, and bringing infected systems back from the brink have instilled in most of them a cautious and rigorous approach to keeping data (and its users) safe.
Not so, it seems, for some smart meter makers.
During the Black Hat hacker conference, Mike Davis, a senior security consultant for the computer security outfit IOActive, showed just how vulnerable some smart meters (he won’t name names) are to attack by crafting a worm — malicious code that spreads on its own once introduced to a network — that places the devices under the control of the attacker. The implications are troubling.
Smart meters are the linchpins of the stimulus-funded smart grid efforts that are just getting off the ground in the U.S. and other countries. Certainly, there are many other facets to weaving intelligence into the electrical grid, but for utilities and their customers, smart meters bestow advanced power monitoring and management functions that save energy and drive efficiency for both parties. At least, that’s the plan (though Celeste isn’t so sanguine about smart meters’ benefit for residential customers).
What some smart meter manufacturers haven’t been planning for, apparently, is security.
Before Davis’ eye-opening demonstration at Black Hat, he warned about the lack of some basic safeguards, like authentication and encryption, that are frankly must-haves for today’s interconnected systems. Trusted, secure communications are the hallmark of most corporate networks; something as vital as the delivery of electricity deserves the same consideration.
Vulnerabilities have also been found in the components that go into the manufacturing of smart meters (such as the Zigbee radio chips found in some models) making them vulnerable to a local attack. Most troubling to Davis is the fact that some smart meters are designed with the ability to be remotely disconnected, which could be used to plunge entire neighborhoods into darkness and cause damaging grid instability. Fortunately, Davis says that issue is specific to just one manufacturer’s products and if fixed, he believes there’s little overall risk.
Back at Black Hat, Davis displayed the simulated spread of the worm in a metropolitan area on Google Earth. In what was certainly a striking visual, many of green pins — 15,000 out of 22,000 of them, in fact — turned red within 24 hours indicating that the worm had expanded its reach and was ready to cause havoc.
Granted, an attacker would need to physically access the smart meter to deposit the worm unless network traffic was flowing unencrypted. But relying on this type of access limitation is not a mitigation strategy. Scammers have proven more than willing to risk a run-in with bank security or get caught on surveillance cameras to place card skimmers on ATMs; a determined enough person will have no problem ducking past some hedges or sneaking into a garage to access a smart meter.
It’s not all doom and gloom, luckily. While it appears that some manufacturers are following the same disastrous course that made massive data leaks possible, there are those willing to calling attention to the issue in a high profile way. Let’s hope smart-meter makers and utilities take this opportunity to avert the security debacles that have plagued their corporate networking cousins. There’s a lot more at stake this time.