Well, who could possibly have seen that coming?
[sarc] No, really, this is completely unexpected, isn’t it? [/sarc]
A series of hacks perpetrated against so-called “smart meter” installations over the past several years may have cost a single electric company hundreds of millions of dollars annually, the FBI said in a cyber intelligence bulletin obtained by KrebsOnSecurity.
The US law enforcement agency said this was the first known report of criminals compromising the hi-tech meters, and that it expected this type of fraud to spread across the country as more utilities deploy smart grid technology.
… insiders and individuals with only a moderate level of computer knowledge are likely able to compromise meters with low-cost tools and software readily available on the internet.
Sometime in 2009, an electric utility in Puerto Rico asked the FBI to help it investigate widespread incidents of power thefts that it believed was related to its smart meter deployment. In May 2010, the bureau distributed an intelligence alert about its findings to select industry personnel and law enforcement officials.
Citing confidential sources, the FBI said it believed former employees of the meter manufacturer and employees of the utility were altering the meters in exchange for cash and training others to do so.
“These individuals are charging $300 to $1000 to reprogram residential meters, and about $3000 to reprogram commercial meters,” the alert states.
The FBI believes that miscreants hacked into the smart meters using an optical converter device – such as an infrared light – connected to a laptop that allows the smart meter to communicate with the computer. After making that connection, the thieves changed the settings for recording power consumption using software that can be downloaded from the internet.
I’ve always thought there was a certain amount that’s pretty dumb about ‘smart’ meters but that they could be hacked – and let’s face it, illegal meter fiddling has a long and inglorious history anyway – I thought was a foregone conclusion. Personally I have no clue at all how to fiddle an old fashioned meter and I’ve only ever met one person who claimed to have done it, and I took that with a pinch of salt, but if anyone can download the software from the internet I’d expect meter fiddling to become much more common. This doesn’t thrill me much since I’m stupid enough to be honest and so I’ll no doubt be paying someone else’s share once everyone in Victoria has a smart meter and hacking the fucking things has made its way here too.
And the way some of them can be hacked… oh dear!
The bureau also said another method of attacking the meters involved placing a strong magnet on the devices, which caused it to stop measuring usage, while still providing electricity to the customer.
“This method is being used by some customers to disable the meter at night when air-conditioning units are operational. The magnets are removed during working hours when the customer is not home, and the meter might be inspected by a technician from the power company.”
A magnet, FFS.
Because the meter continues to report electricity usage, it appears be operating normally. Since the meter is read remotely, detection of the fraud is very difficult. A spot check of meters conducted by the utility found that approximately 10 per cent of meters had been altered.”
Palm, this is face. Face, meet palm. I don’t suppose we can call a halt to the roll outs now, can we?