Hacking a Smart Meter and Killing the Grid

by K.T. Weaver, SkyVision Solutions

Nick Hunn of Creative Connectivity published an article this month entitled, “How to Hack a Smart Meter and Kill the Grid … And then all the lights went out.” [1]

Hunn says his new article is one he “would have preferred not to write” but felt obligated to issue a formal warning before “the lights go out.”

Nick Hunn is more convinced than ever that evidence now exists that rogue chips may be embedded into electronic circuit boards during the manufacturing process, such as those contained within utility smart meters.  Smart meters can be considered high value targets for hackers due to the existence of the “remote disconnect” feature included as an option for most smart meters deployed today.

More specifically, quoting Hunn’s article:

“I’ve always been concerned about the vulnerability of the British smart meters to hacking at the manufacturing stage.  The reason for that concern is that these meters contain an OFF switch which allows power to be disconnected by the energy supplier.  This is a convenience for them, as they no longer need to send someone round to gain access to a building.  However, if it were ever hacked, the hackers could turn off millions of meters at the same time.  That could be used to destroy the electricity grid. …

What is most worrying is that it’s potentially very easy. …

Let’s start off simple and just add a few lines of code that disconnect power to the home at a predetermined date.  Smart meters have real time clocks, which should be regularly synchronised, so it’s not difficult to get millions of them to switch off within the same mains cycle.  You want to make sure that once you’ve disconnected the household supply, the energy companies can’t turn it back on, reset the meter or upload new firmware, so add a few more lines to turn off the comms, or just overwrite the authentication keys.  Make sure you hide the code so that no-one spots it and you’re done. …

You want to make sure your code is not overwritten by any subsequent firmware upgrade, so it’s probably worth popping it in something which is likely to stay static, like the cluster library, or, if you can get to it, the bootloader.  If you get the chance, put it in ROM.  Job done. …

To get the best chance of doing damage, you can do better than just disconnecting the supply by turning it back on again a few hours later and repeating that sequence a few times.  That will really confuse anyone trying to restart the grid and probably cause more damage.  …

Smart Meters have an external wireless connection, so that opens up the opportunity for a firmware hack which could be externally activated, allowing the hacker to turn meters on or off as desired.”

According to Hunn the only real solution is to remove the remote disconnect feature from smart meters:

“There’s an easy solution – remove the disconnect option from smart meters.  It’s only there because energy suppliers want their lives to be easy.  That’s the problem with the whole of the GB smart metering program – it’s been debased to the point where it only benefits the suppliers and has thrown away the wider benefits, but not the risk and costs to consumers.”

In May 2016, I highlighted Nick Hunn’s testimony at the UK House of Commons’ Science and Technology’s “evidence check.” [2]  A noteworthy statement at that time was that the smart meter remote disconnect was “an unnecessary risk” to the electric grid.  Two years later not much has changed.  Smart meters continue to be deployed that include the remote disconnect feature.  Governments and the utility industry do not appear to take the risk of catastrophic outcomes seriously.  More bluntly, they negligently ignore the obvious risks.

For a complete copy of Nick Hunn’s article, refer to http://bit.ly/killthegrid

References

[1] “How to Hack a Smart Meter and Kill the Grid … And then all the lights went out,” by Nick Hunn, October 8, 2018, at http://www.nickhunn.com/how-to-hack-a-smart-meter-and-kill-the-grid/

[2] “Smart Meter Remote Disconnect: An ‘Unnecessary Risk’ for Significant Damage to the Grid,” SkyVision Solutions Blog Article, May 2016, at https://smartgridawareness.org/2016/05/12/smart-meter-remote-disconnect-an-unnecessary-risk-for-significant-damage-to-the-grid/

Below is the 3-minute video that was included as part of the 2016 article mentioned above. [2]

About SkyVision Solutions

Raising public awareness and finding solutions for smart grid issues related to invasions of privacy, data security, cyber threats, health and societal impacts, as well as hazards related to radiofrequency (RF) radiation emissions from all wireless devices, including smart meters.
This entry was posted in Smart Grid, Smart Meters, and RF Emissions and tagged , , , . Bookmark the permalink.

6 Responses to Hacking a Smart Meter and Killing the Grid

  1. David Hine says:

    The fire hazard of the internal ‘hidden’ smart meter cut off switch MUST BE MADE SAFE. The ONLY way to achieve this is a law forbidding the presence of that internal cut off contact. It MUST being removed from ALL smart meters. Smart meter contact night fires will escalate when more folk get these smart meters and new electric cars, and charge them overnight. The chargers will put an extra heavy load on those smart meter internal cut offs, which if slightly resistive, will certainly ignite the PLASTIC meter case. Wake up to a nice cosy 3am ‘REAL’ fire!! -get a smart meter!!”. David Hine

  2. John Advent says:

    Very interesting reading this i never knew this can happen remotely. This is so true about being open to hackers to disconnect the supply. This is very scary.

  3. Pingback: Hacking a Smart Meter and Killing the Grid | Smart Meter News

  4. David Hine says:

    These smart meter internal ‘hidden’ breakers that carry the FULL load current, are also a definite fire hazard. One was retrieved by a Fire Officer (who also inspected my workplace every few months), and the internals of that smart meter were identified as the definite cause of a fire that was fortunately brought under control. The retrieved smart meter was a blackened melted ‘blob’. The possibilities of RF problems and the body are not my area of know how, but fire prevention is something that I am experienced in. Loose ‘high resistance’ connections, and relay contacts under heavy loads cause more electrical fires than any other electrical ‘fault’ on 240 volt domestic circuits. The heat developed by a contact ‘fault’ resistance of only 1 Ohms with 30 Amps passing will develop 900 Watts of pure heat at the small point of the ‘fault’ resistance. The temperature at that point will quickly rocket to over 1000 Centigrade (white heat), setting fire to anything flammable, and then causing arcing through the conductive flames across the incoming supply, multiplying the generated heat 100 times (explosion). The ‘voltage drop’ across this 1 Ohm ‘fault’ will be only around 30 Volts out of 240 Volts, so would not be very noticeable by the user as a ‘warning’ something is very wrong. All this happening inside a flimsy flammable PLASTIC housing under YOUR stairs. The internal cut off breaker in smart meters must be removed, before we have more domestic fires, and possibly another ‘Grenfell’. “Come home to REAL fire -get a smart meter!!” David Hine

  5. keithjim says:

    Insightful article! Not only does the Remote Disconnect help the utility, it helps whatever party or subversive group that controls the utility to do the same, thus controlling dissenters. Simply put, it is politically scary…

    Beyond that is the reason why they removed the spark gaps from the meter–an electrical discharge (from lightning) across the spark gap in close proximity to the smart meter electronics would likely scramble the memory and/or the remaining electronics, and perhaps drop the remote disconnect…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.