An embarrassing blow to Silver Spring Networks and the utilities (like PG&E) that have bought in to their wireless-mesh-networked-AMI debacle: The New York Times reports that a hacker known as “Atlas” went on stage at a computer security conference in Florida on Thursday and demonstrated how easy it is to hack in (and presumably disrupt) new smart grid mesh networks, and the utility services that depend on them. Stating, “I see these placed everywhere I want to be as a hacker,”:
Atlas said he was able to intercept Silver Spring’s radio frequency communications, in part, by examining publicly available patents and user manuals.
Silver Spring Networks did not immediately respond to a request for comment.
Although Atlas did not think an attack on the smart grid was imminent, he expressed concern that unless the systems were tested now, “10 years down the road they will be a real problem.”
“We are at a time in great need of vigilance,” he added.
Indeed. Not only are Silver Spring’s wireless signals making people sick, they also contain (your private) data- data that is at risk of falling into the wrong hands. The Florida demonstration follows last October’s announcement by USC researchers that they had hacked into the wireless signals from smart meters on an apartment complex, revealing detailed portraits of life in each unit:
The detailed electricity data gave information about activities within the household — when the inhabitants got up, went to work and got home, for example. The team was able to deduce that 27 of the apartments within the complex were unoccupied.
Silver Spring’s smart meter mesh networks are a microscope into your home life- an unwanted intrusion and privacy invasion that most people never approved- or even knew about in advance of installation. Those same data and access vulnerabilities are writing a new chapter of uncertainty when you consider that wireless, remote “off” switches are a function of most smart meters.
What if someone gains access and decides to- flip the switch?