Feeds

Crap computers in a crap box: Smart-meter blackouts risk to UK

Sniff a device's wireless, pwn a power plant, warns Brit biz

Security for virtualized datacentres

Vulnerabilities that could switch off the electricity supply

Jones gave further details on how these attacks might be executed and the ramifications for utility providers during a presentation, entitled SCADA, smart meters and enterprise control systems: The next threat, at Infosecurity Europe 2013.

Ross Anderson, professor in security engineering at the University of Cambridge's Computer Laboratory, warned as far back as 2011 that smart metering would introduce a "strategic vulnerability" that might be exploited by hackers to remotely switch off elements of the gas or electricity supply grid. Software errors introduced during an update also pose a risk.

Security researchers at IOActive previously highlighted (PDF, slide deck) flaws in poor authentication, lack of encryption and inadequate authorisation in smart meters, during a research project that looked at early rollouts in the US and Europe.

Smart meters introduce two-way communication between a meter and the central system of a utility, which is absent from older analogue meters. The devices feature sensors so they can monitor and report on the quality of gas and electricity supply, as well as recording unit consumption for billing purposes.

Utilities want to deploy smart meters because the technology will automate meter reading, as well as creating tools to make it easier to control supply at times of high demand. The kit also makes it easier to switch subscribers to higher tariffs in cases where they fail to pay their bills on time.

Encouraged by the government, utilities are planning to roll smart energy meters out to every home in UK by 2019. Mass rollout is due to kick up a gear starting from next year.

In a survey of 1,000 UK consumers, sponsored by infosec firm TripWire, 61.2 per cent said that smart meters would encourage them to use less electricity, and 28.4 per cent voiced the opinion that it would make their electricity bill cheaper. However, 26.8 per cent said the technology would only be used by electricity suppliers as a marketing tool. One in 10 respondents (10.60 per cent) said the devices will capture too much of their personal information.

Similarly, 8.9 per cent of respondents expressed fears that smart meters would be vulnerable to hacking. Tim Erlin, director, product management, security and IT risk strategist at Tripwire, said concerns that the roll-out of smart meter technology, exposing personally identifiable information and requiring additional security and privacy protection, was arguably under-represented in the survey.

A separate poll of 3,000 British consumers, carried out by YouGov for mobile operator O2, discovered that 63 per cent of respondents did not know what a smart meter was. When the concept was explained, respondents felt that greater visibility and control of energy usage in the home (77 per cent) and the introduction of fair pricing via accurate billing (73 per cent) were the top two reasons to favour a smart meter. ®

Technote

* SDR works by capturing radio frequency signals using a high-speed analogue-to-digital converter enabling the direct digitisation of the radio frequency signal. This can then be analysed by a digital signal processor before being converted into output data stream. The user can analyse slices of spectrum, looking for carriers and modulated signals and go on to isolate the preamble and the payload of transmitted information, for instance. Alternatively they can separate out the message headers if they're searching for data streams.

Many SDRs are available but the Universal Software Radio Peripheral is the tool of choice as it allows both reception and transmission. When coupled with open-source software such as GNU Radio, the USRP allows the creation of advanced radio systems. This uses a USB 2.0 interface, a field-programmable gate array, high-speed ADCs and digital-to-analogue converters to generate a sampling and synthesis bandwidth one thousand times greater than that of a PC sound card. This extends the reach of the equipment and enables wideband operation.

Secure remote control for conventional and virtual desktops

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.