Smart Meters Are Laughably Insecure, Are a Real Danger to Smart Homes
- January 5, 2017
- 05:31 AM
Most smart meters that are installed, or are soon to be installed, in hundreds of millions of homes around the world are woefully insecure and can be easily hacked by a remote attacker to alter energy consumption levels, hack other smart devices in the user’s home, or even cause the meter to explode.
These are the findings of Netanel Rubin, a researcher with Vaultra, a security firm specializing in smart device security. Rubin presented his findings at the 33rd Chaos Communication Congress held last week in Germany.
Governments pushed for smart grids but got dumb meters instead
In his presentation, available at the end of this article in video format, Rubin paints a grim picture where governments around the world, in an effort to reduce energy consumption, have adopted legislation that pushes smart meters into the homes of millions of people.
Because of the push to make energy grids “smarter,” there’s now a need for smart meters, with more than 60 different smart meter manufacturers more than happy to provide products to energy companies across the world.
Unfortunately, as is the case in any competitive market, these smart meter vendors are cutting corners in order to provide the cheapest and most feature-rich products, often sacrificing device security measures to do so.
Rubin says that most smart meters available on the market today are woefully insecure, mainly because of the vendors’ design choices.
Smart meters use GSM to talk to the energy provider, and ZigBee to connect to the user’s home network and allow the user to inspect his energy consumption levels. The problem is that both protocols have been known to be vulnerable for years.
Attackers could very easily spoof GSM communications and control smart meters across a city. This is possible because GSM does not support encryption, allowing a determined attacker an avenue to hack smart cities.
Energy vendors fail to secure their smart meter networks
In the cases where GSM is replaced with the combination of GPRS and A5 protocols, Rubin says that this is still not enough, as both protocols could be brute-forced, and the attacker can get hold of the encryption key with ease.
Even worse, Rubin says, is that in cases he analyzed, most power grid companies use the same encryption key for all smart meters across a city. An attacker that manages to hack one smart meter could very easily escalate his access to all smart meters belonging to that energy provider.
This is also possible, as Rubin explained to the audience, because energy vendors also fail to segment their networks, managing their customers in one giant LAN.
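The shared-key finding above can be made concrete with a short added example (not from Rubin's talk or from any vendor's code). It compares a fleet provisioned with one key against a fleet whose per-meter keys are derived with HMAC-SHA256 from a back-end master key, and measures how many meters a single extracted key unlocks. The serial numbers, the `meter-key-v1|` label and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample fleet: these serial numbers are made up for the example.
SERIALS = [f"MTR-{n:05d}" for n in range(1, 1001)]


def shared_key_fleet(serials, fleet_key):
    """Weak provisioning: every meter is loaded with the same key."""
    return {s: fleet_key for s in serials}


def derive_meter_key(master_key, serial):
    """Per-meter key = HMAC-SHA256(master, label || serial).

    The master key stays in the utility's back end; only the derived
    key is written to the meter (hypothetical scheme for this example).
    """
    msg = b"meter-key-v1|" + serial.encode("utf-8")
    return hmac.new(master_key, msg, hashlib.sha256).digest()


def diversified_fleet(serials, master_key):
    """Stronger provisioning: each meter gets its own derived key."""
    return {s: derive_meter_key(master_key, s) for s in serials}


def blast_radius(fleet, compromised_serial):
    """Count the meters whose key equals the key taken from one meter."""
    leaked = fleet[compromised_serial]
    return sum(hmac.compare_digest(leaked, k) for k in fleet.values())


def audit_key_reuse(fleet):
    """Group serials by key fingerprint; return only groups sharing a key."""
    groups = {}
    for serial, key in fleet.items():
        fp = hashlib.sha256(key).hexdigest()[:16]
        groups.setdefault(fp, []).append(serial)
    return {fp: s for fp, s in groups.items() if len(s) > 1}


if __name__ == "__main__":
    weak = shared_key_fleet(SERIALS, secrets.token_bytes(16))
    strong = diversified_fleet(SERIALS, secrets.token_bytes(32))
    print("shared key, meters exposed:", blast_radius(weak, "MTR-00001"))
    print("derived keys, meters exposed:", blast_radius(strong, "MTR-00001"))
    print("reuse groups in derived fleet:", len(audit_key_reuse(strong)))
```

Key diversification only limits what one extracted meter key exposes; it does not address the unsegmented network described above, which still needs separate isolation between customers.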