By Betsy Loeff, contributing writer
When millions of gallons of raw sewage gushed onto the grounds of a Queensland, Australia, hotel seven years ago, it wasn’t an equipment malfunction that caused the stink. It was a disgruntled employee who hacked into a municipality’s waste-management system. Police estimate he attempted some 46 attacks on the system during March and April, before he was caught on April 23, 2000.
Not all cyberspace troubles stem from malicious action, but cyber events do happen. And, even though cyber-security issues related to advanced metering don’t get much attention, they should. Soon, they might.
On July 19, the Federal Energy Regulatory Commission “proposed to approve” a set of standards aimed at safeguarding the nation’s bulk electric power supply against disruptions from cyber attacks. Among other things, the standards would require owners, users and operators of the grid to establish plans and protocols to safeguard access to both physical and electronic systems. Such an effort would start with identifying an entity’s critical assets, including cyber assets.
Joe Weiss, a nationally recognized cyber-security expert and partner at Applied Control Solutions, would argue that advanced metering infrastructure is one such cyber asset, and it is something “many utility people haven’t considered.” He has been working with the California Energy Commission to identify generic vulnerabilities associated with AMI, although he says that, ultimately, it’s wise to look at specific systems to pinpoint trouble spots.
Nevertheless, there are some general ideas to consider. Below, you’ll find a brief look at a few of them.
The two-way capability in most advanced metering infrastructures presents a two-way threat. Hackers can poke their uninvited fingers into utility assets — like substations — or compromise the privacy of utility customers by peeking into their consumption data.
An example of privacy invasion might be this: A burglar uses meter data to find a home where there is little or no consumption going on, indicating that the house is unoccupied.
Or, as a writer in ITnews recently suggested, hackers could siphon off electricity for use in indoor marijuana farms and charge it to consumers.
Weiss points out that misuse of AMI networks needn’t be a misuse of meter data. “AMI could be used as a pathway for someone to get from Point A to Point B,” he explains.
Meters themselves are tamper-proofed to be physically secure, he continues, but what’s going into the meter is not necessarily secure electronically. That means someone potentially could compromise a data packet going from a meter to a substation, thereby disrupting substation operations or even moving the data on to damage the grid.
Smarter but more vulnerable
Automated controls add complexity and vulnerability to utility networks, too. For instance, advanced meters often have connection and disconnection capabilities. With them, hackers might be able to knock utility customers out of service.
Of course, that may be nothing compared to what might happen with the automation technologies now under development for smart-grid applications. According to Weiss, these may have unintended consequences.
The power industry is moving away from old, cyber-dumb devices, which “weren’t connected and had no ability to be impacted electronically,” he notes. For improved reliability reasons, the industry is moving toward systems that are connected and, “all of sudden, we have a security issue with them. We have improved reliability at the expense of significantly new cyber vulnerabilities.”
Sometimes, Weiss maintains, lack of security is an issue of trust. There may be a bit too much of it.
That occurs, in part, because many AMI system providers assume the data coming into their systems is uncorrupted. “They’re assuming that whatever signal comes into their system is secure, so they can pass it on without worry,” he explains.
When an AMI system works via a virtual private network, it takes those presumably safe data, encrypts them and sends them down the line. What happens if the data coming into the VPN already are corrupt? They’ll come out compromised. “And no one will ask questions, because they’ve been encrypted,” Weiss says.
He maintains that as far as he can tell, no specific AMI system is necessarily more secure than others. That’s because cyber security applies to an entire system, including devices and communication media, as well as how those devices are connected.
Weiss also believes that most cyber events are unintentional. For example, he believes the shutdown of an 1,100-MW nuclear power plant in Alabama was “an architectural problem” or some other kind of unintentional SNAFU.
He adds, “There aren’t a lot of recorded events.” But, he thinks unwanted cyber activity is probably happening more than we realize.
Betsy Loeff has been freelancing for the past 14 years from her home in Golden, Colo. She has been covering utilities for almost four years as a contributor to AMRA News, the monthly publication of the Automatic Meter Reading Association.