FBI Concerned About Smart Meter Security

April 10, 2012

FBI officials are finding that electricity smart meters have pretty dumb security, as magnet-toting hackers can easily fool the devices, according to a report from blogger Brian Krebs from Krebs on Security.

Krebs states that he has an FBI intelligence bulletin outlining the agency's growing concern at smart meter attacks, which can be incredibly and embarrassingly simple. Krebs's confidential sources state that attackers have a variety of methods available for cheating the meters, primarily aiming to let consumers get power without paying for it.

The May 2010 bulletin claims that many former employees of the utility and the electric-meter manufacturer were tampering with the meters in exchange for cash.

The sophisticated hacker can build a DIY optical interface to connect to the device and modify its software. Or, to save time, hackers can fool some smart meters by placing a magnet on top to make the meter record incorrect power usage.

"This method is being used by some customers to disable the meter at night when air-conditioning units are operational. The magnets are removed during working hours when the customer is not home, and the meter might be inspected by a technician from the power company," the bulletin states.

"Each method causes the smart meter to report less than the actual amount of electricity used," the bulletin read, according to Krebs from an MSNBC report. "The altered meter typically reduces a customer's bill by 50 percent to 75 percent. Because the meter continues to report electricity usage, it appears be operating normally. Since the meter is read remotely, detection of the fraud is very difficult. A spot check of meters conducted by the utility found that approximately 10 percent of meters had been altered."

Krebs says that the alert was issued by the FBI after investigations of power theft in Puerto Rico assessed losses of as much as $400 million annually.

This is just another in a growing list of concerns about smart meter security, along with serious privacy flaws found by German researchers this year, in which attackers can intercept meter data to determine householders' TV viewing habits and whether or not they were at home, the report says. In 2010, researchers in the UK were warning that smart meter security was so poor that it offered attackers a remote "kill switch" they could use against customers.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 November

This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight how to plan, prepare for and build resilience to protests and other unplanned events, video surveillance tools for SMBs and more.

View More Create Account

FBI Concerned About Smart Meter Security

Related Articles

Related Products

Related Events

Report Abusive Comment