Smart meter security disaster


In a taxi a few weeks ago the driver was bemoaning new ‘smart’ electricity meters. He swore his family’s living pattern hadn’t changed but his electricity bill had gone up steadily since a new smart meter had been installed at his house. I asked him what the electricity company had to say about it and he said they told him all his power was being used at the peak periods of the day.

Everyone who drives across the Sydney Harbour Bridge will be intimately aware of the new normal of price gouging at peak times. Back in 2009 the Victorian Auditor General slammed smart meter trials and suggested there was a high risk consumers would be saddled with the cost of the network rollout. One comment from ‘Anonymous’ on ZDNet suggested their peak rate at Maitland went from 12.8c/kWh to 32.4c/kWh (155% increase) after smart meters were rolled out. On the anecdotal evidence of Anonymous and my taxi driver the Victorian Auditor General was prophetic.

It’s a disturbing idea that a power company has smart meter data at its fingertips, while consumers are in no position to verify claims and have little control of power usage by time. If we all started eating very late and showering after midnight they would simply move the peak rate.

With this background we come to this month’s Aurora stuff-up. To summarize, someone stole a SIM card from a smart meter in Tasmania and gave it to a woman who used it for phone calls and internet downloads. Earlier this month she was found guilty and sentenced to 18 months in jail and ordered to pay the $193,187.43 bill Aurora received from Telstra for the data and phone usage. See the story of her sentencing in The Mercury.

Looking at the facts from this case raises a lot of questions that should concern consumers.

Aurora got a bill for $193,187.43 from Telstra for a two and a half month period. Of course we have no idea how much data was used but that’s a gigantic bill - what on earth is the data charge rate and who is it normally passed on to?

Aurora clearly had no clue as to how much data was being consumed or how much it was costing, so it is wide open to abuse if anything goes wrong, whether through mistake or theft. In the light of this one has to question how smart this so-called smart grid really is and whether it’s mainly smart at billing customers rather than protecting them.

The SIM card taken was part of a trial and supposed to be disconnected but wasn’t. Maybe it’s harsh but what kind of procedural failure is this - did they even try to disconnect it?

Finally we get to the security questions around the mass rollout of smart meter technology. Power is only the start; smart meters are used for gas and water in other parts of the world, and with the new normal of gouging the user at peak times it seems an easy way for utilities to drive profits at consumers’ expense. There are likely to be millions of these types of meters installed in the next few years.

Researchers have long pointed out smart meters can be hacked in a variety of ways. The utility expects the manufacturer to build security in, but good security costs real money in both development and manufacture, resulting in a less competitive product. The current generation of product is without signed or encrypted firmware, secure chips for key storage, unique cryptographic keys or physical tamper protection. On top of these design issues the current system obviously allows SIM cards to be left uncancelled, removed and used elsewhere.
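The two gaps described above (a trial SIM that was never cancelled, and nobody watching what the SIMs were costing) are both detectable from the carrier's usage records. The sketch below is an added example, not part of the original post and not Aurora's or Telstra's tooling; the inventory fields, the record format and all values are constructed for illustration.

```python
from collections import defaultdict

# Constructed inventory: what the utility believes about each meter SIM.
# "retired" = trial ended, SIM should already be cancelled with the carrier.
INVENTORY = {
    "SIM-A": {"status": "active",  "imei": "350000000000001", "daily_bytes": 200_000},
    "SIM-B": {"status": "retired", "imei": "350000000000002", "daily_bytes": 200_000},
    "SIM-C": {"status": "active",  "imei": "350000000000003", "daily_bytes": 200_000},
}

# Constructed usage records: sim,date,imei,kind,amount (bytes or seconds).
USAGE_CSV = """\
SIM-A,2011-03-01,350000000000001,data,150000
SIM-A,2011-03-02,350000000000001,data,180000
SIM-B,2011-03-01,359999999999999,data,900000000
SIM-B,2011-03-01,359999999999999,voice,1260
SIM-C,2011-03-01,350000000000003,data,600000
SIM-C,2011-03-01,350000000000003,data,600000
"""

def audit(usage_csv, inventory, burst_factor=5):
    """Return {sim: sorted findings} for every SIM with at least one finding."""
    findings = defaultdict(set)
    daily = defaultdict(int)  # (sim, date) -> total data bytes that day
    for line in usage_csv.strip().splitlines():
        sim, date, imei, kind, amount = line.split(",")
        meter = inventory.get(sim)
        if meter is None:
            findings[sim].add("unknown-sim")
            continue
        if meter["status"] != "active":
            findings[sim].add("usage-on-retired-sim")   # never cancelled
        if imei != meter["imei"]:
            findings[sim].add("imei-mismatch")          # SIM moved to another device
        if kind == "voice":
            findings[sim].add("voice-on-meter-sim")     # meters do not make calls
        elif kind == "data":
            daily[(sim, date)] += int(amount)
    # Budget check runs on the per-day total, not on single records.
    for (sim, date), total in daily.items():
        if total > burst_factor * inventory[sim]["daily_bytes"]:
            findings[sim].add("data-over-budget")
    return {sim: sorted(f) for sim, f in findings.items()}

if __name__ == "__main__":
    for sim, found in sorted(audit(USAGE_CSV, INVENTORY).items()):
        print(sim, ", ".join(found))
```

Run daily against the carrier feed, any one of these findings would have surfaced the stolen SIM on its first day of use rather than on a bill two and a half months later.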

I feel fearless making the following predictions:

1. Your smart meter data will be sold and used in ways you cannot imagine without your knowledge or specific approval. Therefore your utility contracts are about to be updated to try and cover their legal arses.

2. A micro industry will be birthed to develop tools for verifying smart meter claims and disputing burgeoning gouging by utility companies, which will eventually lead to some kind of industry ombudsman to mediate. Poor people who cannot afford such tools will be gouged without mercy.

3. Current crappy technology will be hacked and cause legislation to control the security fall-out on “critical infrastructure” that should have been built in to begin with. Utilities will complain the costs of complying with legislation are high and get permission to pass those costs on to consumers.

4. All the deployment costs for both the initial rollout and the subsequent patch-up rollout will be lumped straight on the consumer and electricity prices will skyrocket even if carbon tax never happens and the price of oil drops.

Posted by Carlton Duston on 18 May 2011 | 0 comments
Tagged with Blog, Opinion, None
