Skip to comments.FBI: Smart Meter Hacks Likely to Spread
Posted on 04/09/2012 3:17:58 PM PDT by dila813
A series of hacks perpetrated against so-called smart meter installations over the past several years may have cost a single U.S. electric utility hundreds of millions of dollars annually, the FBI said in a cyber intelligence bulletin obtained by KrebsOnSecurity. The law enforcement agency said this is the first known report of criminals compromising the hi-tech meters, and that it expects this type of fraud to spread across the country as more utilities deploy smart grid technology.
(Excerpt) Read more at krebsonsecurity.com ...
Of course, both the cost of the smart grid and the higher operating cost will be paid by the consumers not on government assistance.
Sometimes low-tech is the best tech.
Dr. Bill Wattenburg, former talk show host on KGO before the recent programming shakeup, predicted this from day one.
Nice, I guess it wasn’t so smart after all. Anything leftists support is usually a dud.
Looks like another one.
Smart meters are primarily about forcing people to pay more for electricity during the day. People who work at home and home school are going to get royally screwed.
Unless you control how people live, how much power they use and when, this is the goal, there is no reason for smart meters.
A waste of money. As for saving the cost of reading the meter... our REC had this via online telemetry years ago and it did not require a smart meter.
I think my electric co. didn't appreciate me conserving and I was conserving because I HAVE to..crooks all of them...
I trust NO one any more...and we will all watch Hussein steal the up coming election...what a disgrace this man is..our entire Congress is a bunch of wusses and they all need to be replace..hell obama does what ever he wants so Congress should just be dissolved and let Hussein rule, that what he has done for three and half years.
The electric company installed a new meter on my house. It’s digital. I’m freaking out. Is it a smart meter?
The fact that it is digital is scaring me. We all know what happens to digital items during a power outage. Blinking zeros. How will anyone know how much power I had used?
I called the company to change the meter to an analog one. CS said it can’t be done. Digital meters are installed now. Then she said that I have to push a button after a power outage. There will be a series of 8 blah blah blah.
She did say that I do not have a smart meter... something about having to call in the meter reading. I’m confused.
Now, reading this article, what if someone hacks my meter to show that I used more power than I actually did.
How do I find out if I have a smart meter? I don’t trust the CS.
Get the model number off of it, don’t trust what they tell you, just look it up yourself.
Well, you could start by going out to your meter and looking for a manufacturer’s name, model #, etc on the meter face.
There are many digital meters that aren’t “smart” meters. There are ‘dumb’ digital meters, which just have digits on the face and perhaps some diagnostic logic in them, then there are “remote sensing” meters, aka “turtles” in the power industry, which are “dumb” but can be read remotely by the power company sending a low-frequency signal down the line and your meter sends back a signal which they can read as to your usage, and then there are the “smart” meters, which increasingly use a wireless IP connection to communicate with the power company infrastructure.
Start with the basics: maker, model #, etc. Look those up first, then work from there.
Along with all of us in the networking world who have seen how embedded IP implementations are like leaving nuggets of gold in front of hackers...
these clowns pimping this crap never, ever put in even modest digital signature technology to prevent hacking. It’s all “security through obscurity,” which doesn’t last past the first reverse-engineering of a device, or a detailed examination of the specification for the protocols.
yeah, I didn't think post quite said what I was aiming for. A bit too busy to straighten it just now...
That's something I worry about. They installed a so-called smart meter at my house. So-called because the installer said it has to be read manually until far off in the future when they put equipment in to make it able to be read remotely. I worry that someday I'll see the digital readout going nuts, rapidly hiking the numbers. If it can be hacked to show a lower use rate, it can be hacked to show a vastly higher rate of use.
Nope, smartmeters are primarily about taxation. It is about increasing the revenue to local governments while state governments swallow up their traditional source of income. Since 'The People' are starting to get ticked off about other revenue streams (see red light cameras, speed cameras, right turn cameras, huge traffic fines, etc...) and are less willing to cough up more dough (see failures at the ballot box), the goal is to increase the revenue going to local city coffers by making it far easier to target businesses with utility tax hikes.
As for residentials, home schoolers and work at homes honestly are a drop in the bucket when you compare them to the percentage of elderly who are at home throughout the day who are using air conditioning for their comfort. While programs will 'help' them somewhat on the bills, they'd much rather force them out of their homes during the day and into senior community centers - another great way of skimming money into the city budget.
As it stands now, a person who is inclined to enterprise should be thinking about selling battery packs that recharge at night during the low rate times, and release their power during the high rate times of the day. You've both residential and the soon to be hard targetted commercial customers to go after, and the technical challenges shouldn't be that great.
HUGE EYE-ROLL, here.
I lost my trusty electromechanical meter to a SmartMeter upgrade program imposed by my local utility. They came out to the house, yanked out my perfectly functional meter, and lugged in the new one.
Two weeks ago I received a letter from my utility company informing me that I could have my perfectly functional old meter BACK IF...I paid them $75 to install it, AND IF I paid them $10 a month to send a warm body out to the house to read it.
They TOOK it for FREE, I’m paying for the SmartMeter they replaced it with, and NOW they tell me I can have my old meter back — for even MORE money.
Under those conditions; heck YEAH I’d expect to see more SmartMeter hacks in the future.
We all know what happens to digital items during a power outage. Blinking zeros. How will anyone know how much power I had used?
I’m pretty sure that during a power outage you use ZERO power.
Smart meters are primarily about forcing people to pay more for electricity during the day.
They are actually for..
1.) recording very small usage levels ... mechanical meters do this poorly and often don’t register all usage.
2.) avoiding the inaccuracies mech meters accrue as they age. (usually due to braking magnets weakening or changes in magnetism due to lightning and such)
3.) reducing meter reading costs ... many can be remote read ,, the ones that must be eyeballed are faster to read as they don’t have the dials to interpret.
You don't get it. Let me explain it to you. Let's say I have used 1345 KW when the power outage occurs. When the power is restored the meter instead of showing 1345 shows blinking 0000. Do you think the electric company will charge me for 0000kw or will they guesstimate what I have used and bill me for 1955? How can I prove to them that I have only used 1345? Take daily photos? power outages happen unexpectedly.
Keeping it simple: If I were a betting man, I would LAY MONEY that nobody could hack our encrypted network without inside knowledge.
We use the same AES encryption algorithm that both the credit card network and secure web access uses. Heck, the NSA uses the same algorithm to encrypt top-secret overseas dispatches.
"Those have been hacked, " you say. Bull. Look it up: All credit card hacking you have heard about was NOT from hacking the encrypted data stream itself, but from compromising some web server. We have iron-clad back office software. Nobody is hacking that, either.
This is just more irrational hatred toward American companies who should be applauded for creating manufacturing jobs here.
We don't make our stuff in China. We tried it, and China don't get it done for industrial equipment. If your iPhone craps out, nobody dies. A disconnect electric meter pops, and somebody could die.
Really? We designers are THAT dumb that we didn't think about that?
We have in each and every meter (electric, water, gas):
1. Battery backup.
2. Special memory (EEPROM) that doesn't need power.
3. Flash memory that doesn't need power. You have a thumb drive, don't you? That doesn't need power, does it? Same thing here.
Must have been a dumb meter. /sarc.
What do you think a "smart meter" is? It's just a two-way version of the old telemetry meters, that allows remote disconnect and reconnect, and remote reset of demand data.
It doesn't brainwash you.
It doesn't spy on you.
It doesn't ray-gun your cats.
We don't have get enough money to build those functions into those meters. They barely cost more than bottle of wine to build.
“Bull. Look it up: All credit card hacking you have heard about was NOT from hacking the encrypted data stream itself, but from compromising some web server”
You have only a technical criticism here....hacking, cracking, lets not play word games......
Bottom line, Capital investment ... ROI non-existent because the full cost wasn’t taken into account... take off the rose color glasses. These meters weren’t needed.
Smart Meters are for hourly billing vs digital meters and remotely reading of analog meters.
Power-line communication isn't used much anymore, and never was in residential electric, except in a few "demo" areas. Never caught on because of all the problems getting the signal past the transformers. That requires large capacitors, which cost a lot of money.
Drive-by radio and fixed-network (also called mesh) wireless are the two methods that have been used for about the last 30 years.
Yes, it's been that long. I have 1-way gas meters still in the field transmitting that are over 20 years old.
You don't know what you're talking about, and you talking to someone who does.
ROI is totally there. How many companies in the US make electromechanical single-phase meters anymore? We quit 4 years ago, our competitor quit long before that, and GE is totally out of the single-phase business (including electronic meters). Maintaining the tooling to continue manufacturing precision analog meters does NOT make financial sense.
Electronic (smart included) meters do not go out of calibration. They don't overheat. They don't get stuck. They just keep working, and they allow the utilities to plan their peak generation capacity, report outages (despite the claims of "all zeroes when the power goes out"), help load-shedding, save money on truck visits for disconnect and connect, and a whole host of other things.
Electronic smart meters are here to say, people. Get used to it, or get yourself disconnected from the grid.
PROVE IT DOES THAT.
Our competitors' don't.
The US government wouldn't allow it.
Nor would the power utility associations.
Battery backup for electronic metering has been around at least since 1980 (as far back as I go with this stuff).
How dumb do you think engineers are?
You said it. Maybe you designers are THAT dumb. Consider the topic and article of this thread.
Smack your forehead some more.
Before you belittle those who question these digital meters, remember, if it weren’t for these meters pushed on us, you wouldn’t have a job. Who’s to say you didn’t omit something in those meters just so you can keep getting work to tweek things.
No, they are actually for selectively cutting off folks during the power shortages. And, of course, they are going to increase those shortages by using the EPA to shut down perfectly good coal generating plants. So unless you live amongst Holder's people, you are going to have some hot summer days. Although not as hot as I will have.
The thing is, at some point the information has to be decrypted. Perhaps it's a memory location on a chip in the smartmeter, or as easy as an optics port with a set encryption protocol that can't be changed without changing the whole smartmeter, or it's an easy remote reprogramming to get around people who might develop an optical transmitter to hack the system, or it might just be as easy as a pair of magnets that cause it to cease recording electrical usage.
It would be a fool who would try to spend time and energy hacking the datastream for a credit card processor, especially since you could walk in to most any restaurant, say you're there to upgrade the credit card machine, and you'll probably have two weeks of capturing swipes and pin numbers before the business owner catches on that there's not a penny going into his bank account, and probably even longer before the credit card companies start locking down those accounts.
How did they crack those uncrackable bluray discs? They used a leftover debug port on a blueray player to capture the encryption key. How did they crack some very sophisticated DRM on encoded music files? They watched the registers on the music program and when it saved the decode key, they did too.
Smartmeters will remain secure only so long as no one ever has physical access to the meters themselves, and that all employees who have the ability to access those meters remain loyal. Two big problems with this: One, meters are attached to houses, on the outside, and can be stolen. Especially a house that recently caught fire. And quite a number of those employees could easily find better income circumventing those meters then maintaining them for $15 an hour.
I applaud the belief that your datastream is secure. Just remember that one half of that encryption system is out in the wild. But never mistake the idea that since your communications system is secure, that the system is, by extension, secure. Our nation has found out that over and over again the hard way.
“Electronic (smart included) meters” you don’t know what you are talking about.
Not all electronic meters are smart, and we are only talking about the smart grid meters.
Also, we are talking economics which you apparently don’t know anything about. Perfectly good analog and digital meters ripped out to be replaced by smart meters was just stupidity.
I’ve had smart meters on electric and gas for over a year and my usage hasn’t varried at all except for gas usage durring cold and compared to same montha with the analog meters there isn’t any difference.
With a rental it’s real handy when changing tennants, they read the metewrs when i’m on the phone and get the final bills by e-mail the same day.
Same thing for turning it on for a new tennant it is done instantly with a phone call.
That isn’t a smart meter.
“That isnt a smart meter.”
That’s what SD&E and the Glendale Power Company call them!
A digital meter isn’t the same as a smart meter.
Digital meters have been around since the 80s.
That isn’t a smart meter.
Of course the Utility said everything was just fine.
No, they are actually for selectively cutting off folks during the power shortages. And, of course, they are going to increase those shortages by using the EPA to shut down perfectly good coal generating plants.
Like everything else in which the government is involved, I am certain there will be many unintended negative consequences.
I still dont’ want on simply on the basis of principles.
There is where we differ. I don't think the negative consequences ARE unintended. They have a plan, and they are following it.
Oh, but I DO know economics, or we wouldn't still be in business. Those "perfectly good" analog meters aren't (they're out of cal), but they're OK after we refurbish them. We make a nice sum doing that. Then, we sell them back to the utilities for when a crank like you insists on one, or to third-world countries who only have a few hours of usable electricity a day, and don't give a crap about peak shaving.
There is a perfectly good reason to remove one type of electronic meter and replace it with another: incompatible wireless networks. Show me an example where a digital meter was "ripped out" to be replaced with a smart meter, and I will show you an incompatibility between wireless networks. Again, those get sold back, refurbished, and sold to somebody else.
There's those economics again, that I'm not supposed to know.
Yep. And the utility, who operate on tiny margins anyway thanks to the ever-present squeeze of the political utilities commissions (oh, excuse me, PUBLIC utility commissions), was LOSING MONEY.
Another reason to replace those "perfectly good" analog meters everyone loves.
Do you really think the utilities should leave a meter there that has been there since the 80s, and is now INCOMPATIBLE with their present wireless network and therefore has to be manually read, just because your cantankerous self demands it? For free?
You ought to be charged double. Glad you're not running the utilities. Those people are stupid enough as it is.
WOW! Why didn't the entire electric utility and meter industry think of that, after 130 years? YOU'RE a freaking GENIUS! We should just "release the power" at the right time of day! Dayum! And the "technical challenges shouldn't be too great." (smacks forehead)
Your ignorance is what is great.
You can't store and "release" power like that. Utilities use AC. Batteries store DC. Conversion is inefficient, and COSTS MONEY. Nobody is going to make money like this. Extra generating capacity has to be brought online during peak time. That's why the whole infrastructure of the "smart grid" is being pushed.
Now, if you want to convert all the lights in your home to DC, and run them off batteries (I have in my ham radio room), now you can store some power. But you STILL have convert AC to DC (rectification), in which process you lose energy. And you gotta replace your batteries after 5 years. Or, keep them climate-controlled (Edison storage batteries).
This thread is the gift of ignorance that just keeps on giving.
An infantile response, but one I can't resist. Oh, and what was YOUR major in college? You don't make it in electrical engineering if you're dumb.
Ignorant people like you make me question why I became an engineer. You don't deserve to have a better world. You despise the very people who give it to you on a platter. Maybe we should let civilization destroy itself.
sweetie, you are the one who attached “dumb” to engineers, not I. Read your own posts. It’s obvious belittling others makes you feel more potent and superior. No one asked you a question, or asked why you became an engineer. You came in and started the attacks and insults on posters who have concerns.
They could have replaced them with a wireless electronic meter.
I can see you still don’t know the difference between a smart meter and a electronic one.