Spain's Smart Meter Vulnerabilities Trigger Panic The security vulnerabilities discovered in this Spanish meter may allow hackers to conduct billing fraud or even shut down the entire circuit system, causing widespread power outages. The main reason lies in the fact that security certificates that are poorly protected during the meter period allow hackers to obtain and successfully control the circuit system.
The researchers who discovered the vulnerability, Javier Vazquez Vidal and Alberto Garcia Illera, said that the scope of the vulnerability is very wide. The smart meters installed by Spain's public utility companies that improve the country's energy efficiency are among the scope of influence.
Two researchers will demonstrate the discovery process at the Black Hat conference in Amsterdam. The two will publish the process of reverse smart electricity meters, including how they discovered this extremely dangerous security issue, and how the vulnerability would allow intruders to successfully conduct electricity tariff frauds and even close the circuit system.
The vulnerability exists in smart meters, and the smart meter is programmable, and it also includes defect codes that may be used to turn off the power remotely. The scope of the impact ... can be said to be millions of households. Before the bug was fixed, researchers said that they could not provide any details about the vulnerability at this time.
According to the research of two researchers, smart meters use a relatively simple AES-128 symmetric encryption algorithm. The purpose of the algorithm itself is to ensure the security of communications, but it is not wise to use this algorithm. ''
Three attacks on smart meters are increasingly deployed in automated meter reading systems (AMRs), automatic metering systems (AMIs), and smart grid infrastructures with security solutions such as data hackers and system malware. And cyber attacks are also gradually increasing. Other vulnerable areas in automated metering devices include non-secure data buses, serial connections, or remote debug port access. How to ensure data security and customer privacy in smart meters and smart energy gateways?
It is understood that the types of attacks on smart meters can be roughly divided into physical attacks (external interference, bypassing the midline, missing midline, etc.), electrical attacks (over/undervoltage, circuit detection, ESD, etc.) and software and data attacks (spyware Insertion, cyber attack). In addition to physical tampering with the meter, most of the known vulnerabilities are related to communication media and communication protocols because the electricity grid is interconnected.
Solutions for physical tampering include the use of magnetic sensors (detection of strong magnetic fields, strong magnetic fields that can affect the readings of current transformer meters), tilt sensors, detection of meter removal at an authorized location, or physical tampering, tampering in firmware Algorithms to help ensure continuous billing. Anti-tamper switches can also be placed on the meter housing. When the case is opened, tampering notifications can be triggered.
Automatic metering systems include software, hardware, communications, customer-related systems, and meter data management (MDM) software. As electricity meters become smarter and networked, meter software must provide adequate security features to prevent unauthorized changes to software configurations, recorded data readings, and calibration data modifications. The solution needs to incorporate security technologies to ensure the security of the communications channel and ensure the physical security of the assets, making the smart grid more secure and reliable.
The purpose of attacking the smart meter is to attack the individual. The attacker will be able to attack the meter in the best way. The purpose may be to change the current sensing device so that it detects less power; or to reverse engineer the meter software so that it reports less power.
Social attacks may start in a similar way: attackers study electricity meters and try to understand how it works. Its purpose is to extract the key, reverse engineer the software protocol, and reset the meter. Once successful, the attacker can reconfigure large numbers of meters, reduce the actual power consumption, or disconnect at a given date and time.
Security of protocols, controls, and commands Currently, there are many data exchange protocols used by parties in the power grid. The Transmission Control Protocol (TCP)/Internet Protocol (IP), Hypertext Transfer Protocol (HTTP), and File Transfer Protocol (FTP) are widely used in the global information technology field. Because the transmitted data is easily stolen by hackers, the data is not very secure and vulnerable to attack. For grids or smart meters, non-secure protocols must be replaced with protocols such as Internet Protocol Security (IPSec), Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Secure Shell (SSH). IPSec uses encryption technology to ensure the data confidentiality, integrity, and authenticity of the communications between private networks.
Symmetric key cryptography such as AES is suitable for batch data, but its security level is not high. Asymmetric key cryptosystems such as the Elliptic Curve Digital Signature Algorithm (ECDSA) are suitable for encryption/remote disconnection/connection of real-time electricity price changes and other controls/commands. This ensures that the command to control the grid equipment is highly authentic. Key exchange based on Elliptic Curve Cryptography (ECC) provides a high level of security. Wireless networks such as Zigbee® can use ECC to provide digital certificates for exchanging information between ZigBee nodes/devices in the smart grid ecosystem.
[China Instrument Network Industry Focus] Recently, researchers have discovered that there are security loopholes in the smart meters used in Spain. This loophole can lead to electricity tariff fraud and even into the circuit system, leading to large-scale blackouts. Researchers revealed that due to the lack of necessary security controls, hundreds of thousands of households in Spain are exposed to the risk of cyber attacks.