Experts say smart meters are vulnerable to hacking
In the United States alone, more than eight million smart meters have been deployed by electric utilities and nearly sixty million should be in place by 2020; security experts are worried that this rush to deployment of smart meters ignores serious security vulnerabilities: the interactivity which makes smart meters so attractive also makes them vulnerable to hackers, because each meter essentially is a computer connected to a vast network
Security researchers say that new “smart” meters, which are part of the envisioned Smart Grid and which are designed to help deliver electricity more efficiently, also have flaws that could let hackers tamper with the power grid in previously impossible ways (see “Utilities to Bolster Smart Grid Cybersecurity,” 8 February 2010 HSNW; and “How Vulnerable is the Smart Grid?” 3 December 2009 HSNW).
The AP reports that at the very least, the vulnerabilities open the door for attackers to jack up strangers’ power bills. These flaws also could get hackers a key step closer to exploiting one of the most dangerous capabilities of the new technology, which is the ability remotely to turn someone else’s power on and off.
The attacks could be pulled off by stealing meters — which can be situated outside of a home — and reprogramming them. An attacker could also sit near a home or business and wirelessly hack the meter from a laptop, according to Joshua Wright, a senior security analyst with InGuardians Inc. The Washington, D.C.-based firm was hired by three utilities to study their smart meters’ resistance to attack.
These utilities, which he would not name, have already done small deployments of smart meters and plan to roll the technology out to hundreds of thousands of power customers, Wright told the AP.
There is no evidence the security flaws have been exploited, although Wright said a utility could have been hacked without knowing it. InGuardians said it is working with the utilities to fix the problems.
Power companies are aggressively rolling out the new meters. In the United States alone, more than eight million smart meters have been deployed by electric utilities and nearly sixty million should be in place by 2020, according to a list of publicly announced projects kept by the Washington, D.C.-based Edison Foundation, an organization focused on the electric industry.
AP notes that unlike traditional electric meters that merely record power use — and then must be read in person once a month by a meter reader — smart meters measure consumption in real time. By being networked to computers in electric utilities, the new meters can signal people or their appliances to take certain actions, such as reducing power usage when electricity prices spike.
This very interactivity is what makes smart meters so attractive, but it also makes them vulnerable to hackers, because each meter essentially is a computer connected
