How To Prevent Smart Meters From Being Hacked?

Express Computer | June 07, 2019

How To Prevent Smart Meters From Being Hacked?
Smart electricity meters are useful because they allow energy utilities to efficiently track energy use and allocate energy production. But because they’re connected to a grid, they can also serve as back doors for malicious hackers. Cybersecurity researcher Karthik Pattabiraman, an associate professor of electrical and computer engineering at UBC, recently developed an automated program aimed at improving the security of these devices and boosting security in the smart grid. “Our program uses two detection methods for these types of attacks. First, we created a virtual model of the smart meter and represented how attacks can be carried out against it. This is what we call design-level analysis. Second, we performed code-level analysis. That means probing the smart meter’s code for vulnerabilities, launching a variety of attacks on these vulnerabilities,” said Pattabiraman. The method, described here, addresses smart meters’ vulnerability to what the researchers call software-interference attacks, where the attacker physically accesses the meter and modifies its communication interfaces or reboots it. As a result, the meter is unable to send data to the grid, or it keeps sending data when it shouldn’t, or performs other actions it wouldn’t normally do.

Spotlight

Sophisticated attacks yielded big rewards in 2014 and the 2015 threat landscape shows no sign of slowing down. Sandboxing is a hot topic in enterprise security however advanced threat protection requires more than just adding a standalone sandbox.

Related News

DATA SECURITY

Combating industrial cyber threats with new security certifications and products, Rockwell Automation

businesswire | November 19, 2020

Organizations keep on requiring help making sure about their modern activities as they associate creation and IT frameworks and battle with cyberthreats focusing on mechanical control frameworks. To address this issue, Rockwell Automation keeps extending its cybersecurity accreditations and joining progressed security capacities into a greater amount of its items. Rockwell Automation as of late got confirmation to the IEC (International Electrotechnical Commission) 62443-3-3 cybersecurity standard. The accreditation, performed by outsider TÜV Rheinland, implies Rockwell Automation has exhibited the capacity to introduce and arrange creation frameworks to meet security prerequisites to level 1 as characterized on the planet's driving worldwide norm. Rockwell Automation offers reference designs for executing an ensured creation framework, for example, PlantPAx 5.0, the cutting edge disseminated control framework (DCS) for plantwide measure control. The structures were created to assist clients with guaranteeing creation frameworks while limiting the need to purchase new advancements as a component of the cycle. Until now, Rockwell Automation has gotten a few confirmations for the IEC 62443 arrangement of norms. Rockwell Automation likewise as of late got confirmation for the ISO (International Organization for Standardization) 27001 norm, affirming that the organization's data security the board framework used to ensure information fulfills the guideline's prerequisites. This can give significant serenity to clients that Rockwell Automation is utilizing best practices to secure their licensed innovation, for example, when clients use administrations like distant help and observing. “Companies are facing the dual challenge of digital transformation to stay competitive, while also keeping their people, operations and intellectual property secure,” said Sujeet Chand, senior vice president and chief technology officer, Rockwell Automation. “We continue to aggressively expand our cybersecurity skills, certifications, product capabilities and services in ways that help our customers stay ahead of new threats and focus on realizing new possibilities with digital transformation.” Notwithstanding procuring the new confirmations, Rockwell Automation is additionally delivering new items with CIP Security to assist organizations with making sure about their correspondences. Created by the worldwide exchange and standard improvement association ODVA, CIP Security is the simply standard intended to make sure about correspondences between modern control frameworks and different gadgets on an EtherNet/IP organization. New modern control items offering CIP Security include: Allen-Bradley PowerFlex 755T AC drives Kinetix 5300 servo drives Other Rockwell Automation items that as of now uphold CIP Security include: ControlLogix 5580 regulators Kinetix 5700 servo drives 1756-EN4TR correspondence module To help ensure the numerous gadgets being used today that don't uphold CIP Security, Rockwell Automation is additionally presenting the new CIP Security Proxy gadget. At the point when utilized in a truly made sure about area, the gadget gives CIP Security to a wide scope of modern control gadgets and make safer mechanical organizations. About Rockwell Automation Rockwell Automation, Inc. , is a global leader in industrial automation and digital transformation. We connect the imaginations of people with the potential of technology to expand what is humanly possible, making the world more productive and more sustainable. Headquartered in Milwaukee, Wisconsin, Rockwell Automation employs approximately 23,000 problem solvers dedicated to our customers in more than 100 countries. To learn more about how we are bringing The Connected Enterprise to life across industrial enterprises.

Read More

RevBits declares the issuance of a U.S. patent for a special product protection system using encryption with zero information

prnewswire | September 08, 2020

Cybersecurity software provider RevBits today has announced that the United States Patent and Trademark Office (USPTO) has issued U.S. Patent No.US10579542B2 covering technology which provides the security of zero-knowledge encryption for data in transit and at rest, while providing the ease and efficiency of implementation of encryption within the user's browser. "As part of our ongoing commitment to provide our customers with the most advanced cybersecurity software solutions to protect their most valuable assets, we are continuously investing to improve the internal security of our solutions.

Read More

odix joins the MISA program extending FileWall security logs to Microsoft Azure Sentinel

prnewswire | September 30, 2020

The Microsoft Intelligent Security Association was formed in 2018 to provide a community for premier cybersecurity companies to collaborate and better integrate their technologies with Microsoft Security products. By joining MISA, odix looks to advance its CDR solutions fluid integration into the range of widely used Microsoft software products.MISA uniquely fosters the critical relationships between innovative designers and developers creating cyber security products that integrate with Azure Sentinel, the Graph Security API and other Microsoft products. By removing the obstacles to direct integration, MISA members, such as odix, can fast track technological and product developments to produce a more robust security ecosystem for Microsoft 365 users.

Read More

Spotlight

Sophisticated attacks yielded big rewards in 2014 and the 2015 threat landscape shows no sign of slowing down. Sandboxing is a hot topic in enterprise security however advanced threat protection requires more than just adding a standalone sandbox.