We weren’t sure it was possible,” Mr. Paller said. “He
actually verified it’s possible. … If the Department of
Energy is going to make sure the meters are safe, then
Josh’s work is really important.
SANS has invited Mr. Wright to present his research Tuesday
at a conference it is sponsoring on the security of
utilities and other “critical infrastructure.”
Industry representatives say utilities are doing rigorous
security testing that will make new power grids more secure
than the patchwork system we have now, which is already
under hacking attacks from adversaries believed to be
working overseas.
“We know that automation will bring new vulnerabilities, and
our task - which we tackle on a daily basis - is making sure
the system is secure,” said Ed Legge, spokesman for Edison
Electric Institute, a trade organization for
shareholder-owned electric companies.
But many security researchers say the technology is being
deployed without enough security probing.
Mr. Wright said his firm found “egregious” errors, such as
flaws in the meters and the technologies that utilities use
to manage data from meters. “Even though these protocols
were designed recently, they exhibit security failures we’ve
known about for the past 10 years,” he said.
He said InGuardians found vulnerabilities in products from
all five of the meter makers the firm studied. He would not
disclose those manufacturers.
One of the most alarming findings involved a weakness in a
communications standard used by the new meters to talk to
utilities’ computers.
McKinney, Texas
Angola, Luanda
San Francisco, California
Fort Wayne, Indiana
Las Vegas Nevada USA
Germany, Berlin
Melville, Victoria
St. Petersburg, Florida
Botswana, Gaborone
Al Naslah, United Arab Emirates, Al Naslah, UAE
Try any
Q-Link or
cell chip
for 3 months, absolutely
RISK-FREE If you do not feel Q-Link improves your
focus, energy, or well-being, simply return it for a full
refund.
Airtube headsets have
30 a day refund.
Contact: Research Center For Wireless Technology 1-888-470-9886
201-484-7652