Security Newswire

FBI Concerned About Smart Meter Security

April 10, 2012
/ Print / Reprints /
ShareMore
/ Text Size+

 FBI officials are finding that electricity smart meters have pretty dumb security, as magnet-toting hackers can easily fool the devices, according to a report from blogger Brian Krebs from Krebs on Security.

Krebs states that he has an FBI intelligence bulletin outlining the agency's growing concern at smart meter attacks, which can be incredibly and embarrassingly simple. Krebs's confidential sources state that attackers have a variety of methods available for cheating the meters, primarily aiming to let consumers get power without paying for it. 

The May 2010 bulletin claims that many former  employees of the utility and the electric-meter manufacturer were tampering with the meters in exchange for cash.

The sophisticated hacker can build a DIY optical interface to connect to the device and modify its software. Or, to save time, hackers can fool some smart meters by placing a magnet on top to make the meter record incorrect power usage. 

"This method is being used by some customers to disable the meter at night when air-conditioning units are operational. The magnets are removed during working hours when the customer is not home, and the meter might be inspected by a technician from the power company," the bulletin states. 

  "Each method causes the smart meter to report less than the actual amount of electricity used," the bulletin read, according to Krebs from an MSNBC report. "The altered meter typically reduces a customer's bill by 50 percent to 75 percent. Because the meter continues to report electricity usage, it appears be operating normally. Since the meter is read remotely, detection of the fraud is very difficult. A spot check of meters conducted by the utility found that approximately 10 percent of meters had been altered."

Krebs says that the alert was issued by the FBI after investigations of power theft in Puerto Rico assessed losses of as much as $400 million annually. 

This is just another in a growing list of concerns about smart meter security, along with serious privacy flaws found by German researchers this year, in which attackers can intercept meter data to determine householders' TV viewing habits and whether or not they were at home, the report says. In 2010, researchers in the UK were warning that smart meter security was so poor that it offered attackers a remote "kill switch" they could use against customers. 

Did you enjoy this article? Click here to subscribe to Security Magazine. 

You must login or register in order to post a comment.

Multimedia

Videos

Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.

Podcasts

Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

September 2014

2014 September

In the September issue of Security Magazine, find out who this year's most influential people are in the security industry are. Also, take a peek at the technology products that ASIS 2014 will be showcasing at the upcoming event. Read about the lessons learned from security at the World Cup, find out why tactical medical training is a must for your enterprise and how Atlanta increased security by sharing surveillance.
Table Of Contents Subscribe

Adopting New Technology

How long do you wait before adopting a new technology?
View Results Poll Archive

THE SECURITY STORE

comptiahighriseproductphoto
CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.  

STAY CONNECTED

Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+