Energy Insecurities: The Downside of Being Too Smart

By John Bumgarner

Smarter meters. Furthermore, the potential for cyber attacks against electrical power generation systems is a major national security threat that will only get worse. Electric utilities are in the process of deploying new technologies that promise to increase efficiency, reduce load growth, and improve overall grid resiliency. Yet these technologies will introduce new security vulnerabilities as well. For example, electric utilities are increasingly turning to Advanced Metering Infrastructure (AMI) technology to improve the efficiency of the grid. AMI technology, or “smart meters,” allows utilities to monitor their customers’ energy consumption in real time and potentially time-shift the energy usage of individual devices connected to a meter. This time-shifting capability could potentially help shift load from peak hours, when the cost of electricity generation is highest, to hours of the day when the cost of electricity generation is lower. Utilities have another, more immediate incentive to promote and deploy smart meters: they may help to increase profits by reducing business expenditures. For example, smart meter deployments will allow utilities to reduce the costs normally associated with dispatching workers to read meters, or establishing or terminating service for customers.

While reducing such business costs is important, increasing overall grid security is important as well. Many manufacturers have designed smart meters with few or no security features. The meters currently being installed use standard protocols, such as the Trivial File Transfer Protocol (TFTP) or Domain Name System (DNS), that have proven vulnerable to cyberattacks in other contexts. Smart meters further involve two-way communication channels between the utilities and their customers. The channels may be provided in a number of ways, including wired Ethernet, such as Digital Subscriber Line (DSL) or Broadband over power line (BPL) technology, or through wireless technology, such as cellular.
An unsophisticated hacker can easily disrupt these channels through a distributed denial-of-service (DDoS) attack targeting the smart meters. If the meters were thrown offline by such an attack, then the utility company could not transmit reboot instructions to the meters remotely. The utility company would need to dispatch workers to each physical location to reboot the meters manually, which would increase operating costs.
More sophisticated attacks could involve even greater costs for utility companies. For example, an attacker could obtain complete administrative control over individual meters and systematically turn off electricity to residential, business, and industrial customers. The attacker, furthermore, could time such attacks for maximum effect, shutting off electricity during a heat wave or a cold snap. By manipulating the controls during events when service is likely to be interrupted anyway, such as during an ice storm, the attacker may sow confusion to increase damage from the attack. In such an event, as thinly stretched repair crews first try to fix what usually goes wrong, the restoration of power is delayed, and the costs of the attack can snowball. By disrupting the supply of electricity at critical times, the attacker could make bad regional conditions (e.g., an ice storm in Charlotte, North Carolina) worse, possibly creating a crisis requiring the response of regional and federal authorities, such as the Federal Emergency Management Agency (FEMA).
The widespread deployment of smart meter architecture increases the likelihood of mischief against the devices by opportunistic hackers. We witnessed similar mischief against technologies such as modems and wireless access points when they were widely deployed. In the 1983 film WarGames, the character played by Matthew Broderick popularized a hacker technique known as wardialing, which attempts to find and access modems using automatic dialing methods. In the early part of this decade, hackers shifted their focus from finding insecure modems to locating insecure wireless access points. This technique is called wardriving, which is the art of searching for wireless networks from a motorized vehicle using a computer loaded with specialized software designed specifically for the task. Hackers in the coming decade will likely shift their attention to smart meters by developing techniques to conduct “warmetering,” which is the art of locating and accessing metering architecture.
One potential mischievous activity that could be performed by warmetering hackers is the falsification of customer usage information stored on the meters. If this information were altered to show a decrease in electricity consumption for individual customers, relative to the amount of electricity actually consumed, the customers’ bills would be lower than they otherwise would have been. Utility revenues would go down, along with company profits. This data could also be modified to show an increase in power consumption for individual customers, such as the ones living in more affluent sections of a city. Sharp spikes in usage could increase bills for these customers and increase revenues for the utility, leading customers to complain about billing discrepancies. Utility companies would be forced to investigate these claims, especially if the consumption spikes were egregious. The mischievous attacker could further increase the business cost of determining the cause of the spikes by continually shifting the attacks to target different geographical areas within a single utility’s market. Such mischievous activities could eventually lead to more disruptive (or destructive) ones. One possible scenario is the reprogramming of software on the meters in a way that would sever communications between the device and the utility. To resolve the problem, a utility would have to dispatch workers to each residence affected by the incident and would bear the cost of repairing or replacing each meter. If such an attack were widespread, the affected utility might have to sign reciprocity agreements with other utilities to assist with the restoration activities. Depending on the severity of the incident, the utility could also require emergency financial assistance from the federal government.
Smarter appliances. Smart meters are only one point of vulnerability in the smart grid. Smart appliances are another. To realize the potential cost savings from smart grid technology, households will need appliances that are able to receive remote instructions using embedded technology, which allows them to operate during off-peak hours without human interaction. Current intelligent electronic devices (IEDs) are designed to be connected to a home area network (HAN) featuring a home automation technology, such as Insteon or Zigbee, that regulates network communications. Through the HAN, the IEDs may be controlled remotely by homeowners, by utilities, or, possibly, by hackers. 
Many of these smart appliances are still on the drawing board, but their designers need to take into account the potential cyber risks posed by engineering embedded intelligence into the devices. One possible future attack scenario against these devices would be for an attacker to remotely cycle these appliances on and off in rapid succession. This type of attack would potentially produce cascading outages across entire regions. The size of the affected region would depend partly on the quantity and the power consumption of the appliances commandeered for the attack.
Some futuristic attack scenarios against smart washers and dryers could result in physical damage to the appliance or to the dwelling where it is installed. For example, a cyberattack against a smart washing machine could target the electronic control modules, which regulate the agitation and spin cycles. A devious attacker could instruct the electronic control module to continuously spin the basket at the highest rate of rotation until the lid is physically opened or the power is disconnected from the device. If these revolutions could be maintained for a considerable period, then it is possible that the attack could physically damage internal components or even destroy the appliance. Another attractive target for hackers is IED-enabled dryers. An attacker could instruct the internal control module that the thermostat is not functioning properly and then display an error code on the electronic visual display that service is required. Unless IEDs are designed with specific cybersecurity protection controls, smart appliances could become tempting targets for cyberattacks in the future.


