A recent article on Wired.com reports that, with Smart Grid utility technologies being implemented at a rapid rate, experts are concerned that the cybersecurity of these systems is seriously lagging.
…[S]ecurity research on the systems is lagging behind the deployment of smart meters, which has already occurred in some places in the United States. PG&E [Pacific Gas & Electric] is in the lead with 5 million gas and electric smart meters deployed since 2006, which represents about half of its customer base. PG&E expects to deploy an additional 5 million smart meters by 2012.
According to one researcher,
…[T]he most common vulnerability…is susceptibility to “cross-site request forgery” on the control systems…. Cross-site request forgery allows an attacker to hijack an authentication cookie stored in a user’s browser — to authenticate him, for example, to his bank or, in this case, a utility control system — and obtain access to the system as that user.
Security experts also warn that the electronic remote-shutoff function–present in most smart meters, allowing utility companies to remotely shut-down electric service–should be completely disabled until smart grid cybersecurity solutions are more thoroughly understood and implemented.
However, according to the Wired.com article, of PG&E’s 2.5 million currently deployed electricity smart meters, only approximately 300,000 have had their remote-shutoff switches disabled. This leaves nearly 2.2 million deployed smart meters capable of remote shutoff.
Tags: security, smart meter, smart-grid
Questo aspetto e’ tra gli argomenti tenuti in evidenza nelle smart grid?
[...] previously discussed (here, here and here) the growing concern among security experts about the current state of Smart Grid [...]
[...] previously discussed the growing concern surrounding the security weaknesses in today’s smart grid technology. In addition, we recently reported on the 60 Minutes [...]