Safety products: Using smart meters as a digital attack vector
Smart meters: Tripwire discusses how smart meters go beyond simply reporting on usage. They include two-way communication at frequent intervals, and they can report on situations like outages.
By Tim Erlin, VP of IT and security risk strategist for cybersecurity firm Tripwire
Even if you’re not in the utility industry, it’s hard to ignore the slow march forward of the smart meter. The days of a utility employee stopping by to check the meter are well on their way out. In fact, it’s hard to imagine a system that relies on someone physically showing up to check the meter at all. Today, smart meters go beyond simply reporting on usage. They include two-way communication at frequent intervals, and they can report on situations like outages.
Communication infrastructure known as the Advanced Metering Infrastructure (AMI) is what really enables the smart meter’s benefits. It links electric, gas, and water meters to a data transmission network. These channels then feed customers’ power read-outs to a meter data management system via an AMI host.
Unfortunately, this relatively new technology is also what worries information security professionals. According to a report (PDF) published by Sandia National Laboratories, AMI is susceptible to multiple threats. A consumer could, for example, use information from an AMI vendor or reverse-engineer the device’s firmware to reprogram the meter so that it reports false information, whereas a malicious insider could access the AMI on the customer end to modify pricing information or change network settings.
The types of threats described above can both have serious consequences, but the level of risk from altering reported usage doesn’t measure up to how an actor like a nation-state could abuse the AMI.
First, if a smart meter could be used as a vector for entry into other infrastructure, a nation-state attacker could use these physically accessible devices to get into a utility’s systems and cause significant disruption across millions of people’s lives. To prevent such a scenario from happening, the smart meters must be treated as untrusted border devices. A fair amount of concern and investigation has been put into this angle of attack, though there’s always room for improvement.
Second, it’s feasible that a sophisticated actor could access the power grid and tamper with people’s electricity. Cutting off power to a significant population through smart meters would require either a mass compromise of the meters themselves or, more likely, a compromise of the infrastructure managing the meters. The first case really hits upon supply chain risks, but these risks aren’t unique to smart meter infrastructure; they’re applicable to all devices that utilities acquire. Indeed, the NERC Critical Infrastructure Protection standards are actively expanding to push all utilities to deal with supply chain risk.
To be sure, the potential to compromise smart meter management infrastructure is a real concern. But defending against smart meter threats need not be complicated. The best mitigation strategies should focus on deploying good foundational security controls around all the utility’s infrastructure. For instance, organizations can implement CIS Critical Security Control #5 and restrict the number of personnel who can access their endpoints. They can then employ CIS Critical Security Control #6 and monitor the audit logs for unusual login information.
Smart meters are a good example of where foundational security controls need to be extended to deal with new environments rather than inventing a new type of control. The basics of security hygiene are best practice in every type of situation. That’s regardless of technology, from smart meters to the cloud.