Morgan Meier, Technical Support Specialist
Smart energy is a cost-effective and sustainable energy system in which renewable energy production, infrastructures, and consumption are integrated and coordinated through energy services, active users, and enabling technologies. Many energy companies are moving over to smart meters, which allow service providers to remotely monitor the consumer’s consumption, connect, and even disconnect power.
This leads to who or what could be lurking on the network waiting to do malicious activity? Will they shut off your power, inflate your energy consumption, or worse: take out part of the power grid? These are all possibilities once a smart meter is connected to the network. Over the past few years smart energy and smart metering has become more prevalent in households and businesses and it will continue to grow as smart metering implementation programs begin to roll out. For instance, the UK government plans to roll out smart meters in each of their 26 million homes by 2020.
While smart energy gives insight to consumers on how they are using energy in an environment, it also gives hackers the chance to exploit any vulnerabilities that are there. Smart meters still lack the proper security mechanisms to defend against these malicious threats.
Protocols for Smart Metering
One protocol used by smart meters is ZigBee, used to communicate with smart appliances in consumer homes. In addition, Global System for Mobile (GSM) communication is used for communication between the meter and the electric utility. Both ZigBee and GSM are known to contain vulnerabilities, and have been poorly implemented in smart meters.
What Happens if You’re Breached?
Hackers have proven they can cripple the internet for hours at a time with just a bit of effort. With the right mindset, they could take out utilities the same way, or spoof usage at the very least.
It is necessary to see into the network traffic. Over the past few months, it has become apparent that anything connected to the internet is at risk of a cyberattack. A denial of service (DDoS) attack created a massive internet outage to most of the eastern United States using “hundreds of thousands of Internet-connected devices—from Web cameras to routers—that had been hacked to contribute to the attack.” How can you guarantee that a smart meter would not be on that list of infected devices the next time?
What Measures Should You Have in Place?
While having emergency measures in place when an attack happens on your smart meter is good, knowing where the breach started and how a malicious actor moved through the network is a better way to react in the future. Building policies to alert on any further corruption to the network is imperative.
Using an effective monitoring solution can help determine how traffic behaves in your network and where the traffic is going. The data will provide critical evidence as to where the malicious actors originated and how the malicious actor moved their way through your network.
With NetFlow collection, security teams can quickly be alerted and act if a host is talking outside of its designated network or subnet and react to the threat. By playing back the traffic in your network, you can uncover where the vulnerabilities exists then remediate them. As more utility companies move to smart energy and metering, the need for security monitoring will grow.
For more info on combating modern attack methods, check out our blog on Preventing Cyberattacks in 2017.