InformationWeek reports that researchers at last week’s IEEE SmartGridComm2010 conference estimate that by 2015, the smart grid will offer up to 440 million potential points to be hacked.
Why mess with someone’s home electricity meter? Le Xie, an assistant professor of electrical and computer engineering at Texas A&M University, says it could provide attackers with the means to benefit financially. The article explains:
Utilities typically plan their energy requirements one day in advance. An attacker who manipulated apparent energy demands, forcing utilities to turn to emergency — and more expensive — energy resources could likewise place safe bets in the energy market.
Gambling against the price difference between the day-ahead market and the real-time market could be a real payoff.
Attackers also may want to cause chaos by taking out sensitive facilities or using usage patterns to determine when a consumer is on vacation and then burgling their house.
Another issue is that today’s smart grid systems could have a life span of 10 or 20 years. With such a long life span, their built-in security will become widely known and disseminated. As the article notes:
Today’s new smart grid meter could be 2030’s cyber-catastrophe, or at least give rise to some new variation on Stuxnet.
As a starting point to protecting the smart grid, the National Institute of Standards and Technology has released a list of 189 security requirements to build a safe, secure and reliable smart grid.