In the past decade, we have seen a massive increase in ‘smart’ internet connected devices. From Smart Phones, to Smart TVs, to Smart Cities – all are designed to make the user experience for all involved as smooth and easy as possible. Smart Meters are a growing part of the ‘smart’ device community and make it easier for both the homeowner and utility companies to measure electricity and gas consumption. No longer do we need bi-yearly check-ups and rough cost estimations; instead, everything is as accurate as can be and utilises an online network to carry data to and from the provider. Unfortunately, as with all devices that use the internet, there is a downside and that is the presence of cyber-attacks.
Just a few years back it was believed that most IoT devices (such as smart meters, washing machines or key fobs) were safe from DDoS attacks and take-overs. This is no longer the case. The Mirai Botnet attack of 2016 truly showed the world how terrifying cybercrime can be and that all are affected. The assault brought up concerns over how secure smart meters really are. We believe this is a valid concern, as nobody wants their information getting into the wrong hands. Furthermore, many IoT devices lack a way for IT teams to access this data or back-it-up, making these devices prime targets for hackers.
Late last year there was a report from Netanel Rubin, co-founder of the security firm Vaultra, that went into detail surrounding the problems that people may face if their smart meter was to get hacked. While his report was mostly focused on the consumer, a lot of the problems he expresses here affect business and industry as well. Using a Smart Meter to steal valuable and private information on customers or employees is a major issue. Plus if a hacker can get control of the electricity in the workplace, then they can severely damage work productivity and cause damage that will set a company back possibly by months. And this is just the tip of the iceberg of problems that hackers can cause by accessing Smart Meters so it is important to be prepared.
Today, the Smart Meter Implementation Programme is the largest critical national infrastructure programme of work undertaken within the UK within the last 40 years. Smart meters will play an important part in Britain’s transition to a low-carbon economy and help us meet some of the long-term challenges we face in ensuring an affordable, secure and sustainable energy supply. At the core of this complex infrastructure is security.
Here at RiverSafe we strongly believe that Smart Meters are the future and as such we have invested in both the technical and industry-specific expertise and knowledge to sort out any issues and concerns an organisation may have surrounding smart meters. Using threat management and assessment skills we can pinpoint all the problems and weaknesses of a Smart Meter and take the appropriate steps to patch them. With connections all the way up the manufacturing chain we can help on all fronts to make sure your Smart Meter meets the CPA requirements for GB SMIP.
A simple analysis and fix does not always suffice, though. RiverSafe will continue to review and test all aspects of your device design and configuration, ensuring that it is optimal and fully secure at all times. RiverSafe’s expertise in infrastructure assurance is second to none and we are proud of the reputation we have established in this area. Our support does not stop once fixes have been put in place. RiverSafe conducts in-house security awareness training for key staff responsible for maintaining the smart metering product. Our support can be purchased through our ‘Smart Meters Suppliers Security Package’.
Smart Meters are designed to make things easier for both utility companies and their customers, and even though there can be security implications with smart meters, we still believe this is the case. Any device requires maintenance or updates every so often, and when that time comes RiverSafe is here to make sure you get the highest quality protection out there for an organisations Smart Meter.
Written by Soraya Jiménez Beamud, Security Consultant, RiverSafe