Smart Meter Hacking

[cybergibbons]

A teardown of a US smart meter:

http://www.ifixit.com/Teardown/Elster+REX2+Smart+Meter+Teardown/5710/1

 

And a video teardown of a 3-phase smart meter:

 

And a video from a guy called atlas about the security of the systems. It was aimed at an audience at a SCADA security conference, and is less technical than a lot of the usual fare (though, still pretty technical, and **** knows why he is dressed like that):

http://www.digitalbond.com/blog/2013/02/11/s4x13-video-atlas-on-rf-comms-security-and-insecurity/

 

 

He works on a piece of software called RfCat that uses CC1111 dongles to receive/transmit practically anything under 1-GHz (https://code.google.com/p/rfcat/).

[MrHappy]

I'm pretty certain most cannabis farms are detected by thermal imagining on the police helicopter, I believe there is a policy to check area to make use of the flight time?

Oddly I had discussion with an electrician on the topic of cannabis farming, his idea was to having solar PV on the property would account for the the trace ?

[datadiffusion]

A bit like alarms though, its not so much what you can do to the meter, more the fact that the fact it suddenly disappears from the network at the electricity co's end, and reappears 5-10 minutes later with the property using half what it did before, that will arouse suspicion.

 

We have a police transit van round here which I believe - or it leads you to believe with massive graphics - is dedicated to sniffing out cannibis factories. It might just as well be used to replenish the police station vending machines in reality, but does look like it had some extra cut out sections on the roof.

 

I've seen a factory or two myself and as you can imagine, clever meter firmware cracks were more often given over to smashing the terminal cover off and bridging the lives... Or in one cunning case just not paying the bill and never answering the door.

[cybergibbons]

I don't think the risk of smart meter hacking is cannabis factories. It's going to be one of two things:

 

1. Someone selling firmware to reduce bills. These meters take OTA (over-the-air) firmware updates, and there is likely to be a mechanism where you can use your own firmware. Nothing will look amiss. It would be possible to ramp consumption down over time or use any other number of tricks to make the reduction look genuine.

2. A state-sponsored attack to bring down an entire utility network. One of the purposes of the meters is to allow for a smart-grid - i.e. better dealing with supply, demand and switching. If you can game the network, you could bring the entire thing down.

[matthew.brough]

2. A state-sponsored attack to bring down an entire utility network. One of the purposes of the meters is to allow for a smart-grid - i.e. better dealing with supply, demand and switching. If you can game the network, you could bring the entire thing down.

The idea of any remote connectivity to meters worries me for this reason. But saying that, the whole grid will be controlled by computer systems that have remote access vulnerabilities so is the threat already real and there?

[cybergibbons]

The idea of any remote connectivity to meters worries me for this reason. But saying that, the whole grid will be controlled by computer systems that have remote access vulnerabilities so is the threat already real and there?

 

It's true that many utility networks, especially in the US, are already vulnerable to attack through SCADA networks. However, people are worried about smart meters more because:

1. An attack would be very hard to detect, and would provide a layer of deniability.

2. SCADA systems are diverse and hard to attack (Stuxnet had to be written for a specific PLC in a specific role), yet entire utility networks are going to use smart meters working on the same protocol.

3. The smartgrid is going to be complex and highly automated. There is nearly always a flaw in complex automated networks. SCADA systems controlling switching currently are very manual.

[datadiffusion]

1. Someone selling firmware to reduce bills. These meters take OTA (over-the-air) firmware updates,

 

Last leg over the electricity network or mobile telephone network? I am assuming not the phone network, as it would add a layer of cost, complexity, and enough meters are in terrible locations as it is to get a decent signal, but just thought I would ask? Assuming every sub station / transformer would have to host an adaptor of sorts if its over the wires.

[PSE]

The smart meters won't catch anyone, Maybe the odd DIY Idiot

Its Difficult to discuss, but you're looking at it all wrong

[norman]

There's a man on the fiddle

[cybergibbons]

Last leg over the electricity network or mobile telephone network? I am assuming not the phone network, as it would add a layer of cost, complexity, and enough meters are in terrible locations as it is to get a decent signal, but just thought I would ask? Assuming every sub station / transformer would have to host an adaptor of sorts if its over the wires.

 

It's a mesh network, meter to meter with the odd gateway, for most systems.