Security Expert Proves Hacking the Smart Grid Is a Snap


As with all wirelessly-connected electronic devices, smart meters–and in turn, the smart grid–are vulnerable to hackers. And if the smart grid is hacked, well, there goes the neighborhood’s (or the city’s) power. CNN recently demonstrated how a hacker equipped with $500 worth of equipment could take control of the grid, and now Mike Davis, a security consultant at IOActive, has presented a laundry list of ways that hackers could disrupt the smart grid.

Davis claims that enterprising hackers could put a needle on each side of a smart meter’s memory chip to intercept and analyze electrical signals, which in turn provides information on the meter’s programming. Similarly, codes from a smart meters two-way radio chip can be intercepted and extracted with the syringe method. Once a hacker has access to these codes, she can log on to the smart grid network and issue commands. Hackers could also attack smart meter hardware by reverse-engineering it or they could use a software radio to listen to wireless communications and figure out how to interact with them.

Once hackers have access to smart meter codes and programming, they can “talk” to all meters of the same brand over the network. In one simulation, Davis proved that malware set to self-replicate could shut down power for 15,000 homes in 24 hours.

The smart grid market is expected to be worth $40 billion by 2013, according to Morgan Stanley Research. So what can be done? Smart meter roll-outs are going full-speed ahead with no signs of slowing down any time soon. One possible solution is Smartsynch’s Universal Communications Model–a smart grid in a box that makes it easy for vendors to replace outdated devices without tearing out entire smart meters. So if a security hole is found, a vendor can plug it up easily.

[MIT Technology Review]