by K.T. Weaver, SkyVision Solutions
Nick Hunn of Creative Connectivity published an article this month entitled, “How to Hack a Smart Meter and Kill the Grid … And then all the lights went out.” 
Hunn says his new article is one he “would have preferred not to write” but felt obligated to issue a formal warning before “the lights go out.”
Nick Hunn is more convinced than ever that evidence now exists that rogue chips may be embedded into electronic circuit boards during the manufacturing process, such as those contained within utility smart meters. Smart meters can be considered high value targets for hackers due to the existence of the “remote disconnect” feature included as an option for most smart meters deployed today.
More specifically, quoting Hunn’s article:
“I’ve always been concerned about the vulnerability of the British smart meters to hacking at the manufacturing stage. The reason for that concern is that these meters contain an OFF switch which allows power to be disconnected by the energy supplier. This is a convenience for them, as they no longer need to send someone round to gain access to a building. However, if it were ever hacked, the hackers could turn off millions of meters at the same time. That could be used to destroy the electricity grid. …
What is most worrying is that it’s potentially very easy. …
Let’s start off simple and just add a few lines of code that disconnect power to the home at a predetermined date. Smart meters have real time clocks, which should be regularly synchronised, so it’s not difficult to get millions of them to switch off within the same mains cycle. You want to make sure that once you’ve disconnected the household supply, the energy companies can’t turn it back on, reset the meter or upload new firmware, so add a few more lines to turn off the comms, or just overwrite the authentication keys. Make sure you hide the code so that no-one spots it and you’re done. …
You want to make sure your code is not overwritten by any subsequent firmware upgrade, so it’s probably worth popping it in something which is likely to stay static, like the cluster library, or, if you can get to it, the bootloader. If you get the chance, put it in ROM. Job done. …
To get the best chance of doing damage, you can do better than just disconnecting the supply by turning it back on again a few hours later and repeating that sequence a few times. That will really confuse anyone trying to restart the grid and probably cause more damage. …
Smart Meters have an external wireless connection, so that opens up the opportunity for a firmware hack which could be externally activated, allowing the hacker to turn meters on or off as desired.”
According to Hunn the only real solution is to remove the remote disconnect feature from smart meters:
“There’s an easy solution – remove the disconnect option from smart meters. It’s only there because energy suppliers want their lives to be easy. That’s the problem with the whole of the GB smart metering program – it’s been debased to the point where it only benefits the suppliers and has thrown away the wider benefits, but not the risk and costs to consumers.”
In May 2016, I highlighted Nick Hunn’s testimony at the UK House of Commons’ Science and Technology’s “evidence check.”  A noteworthy statement at that time was that the smart meter remote disconnect was “an unnecessary risk” to the electric grid. Two years later not much has changed. Smart meters continue to be deployed that include the remote disconnect feature. Governments and the utility industry do not appear to take the risk of catastrophic outcomes seriously. More bluntly, they negligently ignore the obvious risks.
For a complete copy of Nick Hunn’s article, refer to http://bit.ly/killthegrid
 “How to Hack a Smart Meter and Kill the Grid … And then all the lights went out,” by Nick Hunn, October 8, 2018, at http://www.nickhunn.com/how-to-hack-a-smart-meter-and-kill-the-grid/
 “Smart Meter Remote Disconnect: An ‘Unnecessary Risk’ for Significant Damage to the Grid,” SkyVision Solutions Blog Article, May 2016, at https://smartgridawareness.org/2016/05/12/smart-meter-remote-disconnect-an-unnecessary-risk-for-significant-damage-to-the-grid/
Below is the 3-minute video that was included as part of the 2016 article mentioned above.