12 years ago
Worried about the security of the Smart Grid? You should be. Security
researchers warn that the Smart Grid could become a hacker's playground. As
proof, here are four ways the Smart Grid can be hacked.
Technology Review has an excellent article outlining ways in which the Smart
Grid is vulnerable. Here, based on the article, are four ways it can be
hacked via the smart meters that will be in businesses and people's homes.
Attack Smart Meter RAM
The article says that security researcher Travis Goodspeed warns that
attackers will be able to hack directly into smart meter RAM, and by doing
that, get free reign. It sounds a little James Bond-ish, but here's how the
articles claims says it can be done:
If the meter hasn't been built with protective features, a hacker can use
syringes to insert a needle into each side of the device's memory chip. The
needle serves as a probe to intercept the electrical signals in the memory
chip. By analyzing these signals, the hacker can deduce the device's
programming. Even if the meter includes security features, he says, it may
be possible to extract the information using customized tools.
Hack the Meter's Digital radio
Godspeed says a similar technique to RAM-hacking can be used to get command
of the smart meter's radio, and from there, launch attacks The smart meter's two-way radio chip allows the device to be read remotely
and to receive commands over the network. The software in the chip contains
security codes that an attacker who's cracked the meter's programming can
use to get on the network and begin issuing commands. Goodspeed has shown
that the codes can be extracted using syringes in a process similar to the
attack on the memory.
Hack the Meter Wirelessly
The article says that David Baker, director of services for security firm
IOActive, warns that hackers can get into the meter via its wireless
networking device for communicating with the network:
An attacker can use a software radio, which can be programmed to emulate a
variety of communications devices, to listen in on wireless communications
with the network and deduce over time how to communicate with the meters.
Another method, Baker says, is to attack the hardware. An attacker could
steal a meter from the side of a house and reverse-engineer it. This method,
he says, while inexpensive, does require a good knowledge of integrated
Spread Malware Throughout the Network
Baker says that once someone has gotten access to a smart meter's
programming, he could easily launch a worm or other malware to attack the
network itself, other smart meters, and other devices attached to the grid.
To demonstrate his attack, Davis crafted a piece of malware that could
self-replicate to other meters, allowing an attacker to shut them down
remotely. In simulations, Davis showed that if his worm were released in an
area where all the houses were equipped with the same brand of meter, the
worm could spread to 15,000 homes in the space of 24 hours
--- news://freenews.netfront.net/ - complaints: email@example.com ---