Narong Jongsirikul - Fotolia
The government was warned as long as four years ago that its plans for a nationwide roll-out of smart meters represented a “potentially significant” security and privacy threat, Computer Weekly has learned.
A report in the Financial Times last week said that GCHQ had “intervened” to help boost the security of the £11.7bn programme to install smart meters in every UK home.
An unnamed senior Whitehall official told the FT that every smart meter used the same encryption key for data communication, opening up a single point of failure for hackers to take over every device if they accessed the key. As a result, GCHQ added further security measures.
Yet the security risks inherent in the design of the smart meter network were raised as long ago as March 2012 in a report produced by the Cabinet Office to review plans for the Department for Energy and Climate Change (DECC) programme.
The review – co-authored by government chief technology officer Liam Maxwell – was highly critical of the proposal to create a “monopoly” data and communications company (DCC) to act as a middle-man between energy providers and their customers. Even so, a contract to set up and run DCC was awarded to Capita in 2013, in a 12-year, £175m deal.
The Cabinet Office report highlighted the risk of having a “new GB-wide entity with reach into every home”.
Read more about smart meters
- Cost of IT is set to skyrocket as the UK’s smart meter roll-out ramps up due to suppliers buying in IT consultants.
- Bristol City Council has completed the installation of smart meter technology across a number of its social housing properties.
- A select committee report gave the UK’s smart meter roll-out a thumbs-up but is the project doomed to failure?
The report, seen by Computer Weekly, went on to point out: “The proposed technical model inserts a new third-party between consumers and energy providers. It thus introduces an additional and potentially significant security and privacy vulnerability.
“All 28 million households would be connected to the DCC, presenting a major vector for cyber-attacks given the vulnerability of a single, centralised entity managing all the switching into every home. It also introduces a central point for surveillance and privacy compromise.”
The report said that CESG – the information security arm of GCHQ – had “voiced strong concerns about the proposed approach”, and the document recommended an independent review of the proposed security and privacy architecture.
DECC said that the FT article was “misleading” and that it had worked with GCHQ from the start.
“Smart meters will help hardworking families and businesses to take control of their energy use, bringing an end to estimated bills and helping bill-payers to become more energy-efficient. They’re part of this government’s commitment to make Britain’s energy infrastructure fit for the 21st century,” said a DECC spokesperson.
“Smart meters will operate on a secure system that only authorised parties, such as energy suppliers and network companies, can access. Working with experts across industry and across government, we have put in place robust security controls which are based on international standards and industry good practices.”
Single point of failure
The Cabinet Office report further raised the risk of denial of service attacks cutting out communications between consumers and energy providers. It said the centralised model that has since been implemented raised “enduring concerns” by introducing a single point of failure and an access point to the entire smart meter network.
“The DCC will have the ability to disable any meter remotely, a facility that creates a significant cyber security threat in the form of enabling an attacker – insider or outsider – to centrally disrupt or otherwise interfere with energy supplies,” said the report.
In an interview published in March 2016 in The Brewery Journal – a publication from PR firm Freud Communications – Ian Levy, technical director at CESG, said the organisation had “recently” examined the smart meter project to ensure its security.
“In the design of the system, we’ve assumed that vulnerabilities exist in each component, and designed the system so it’s tolerant to those weaknesses,” he said.
Long list of concerns
The Cabinet Office review of the smart meters project in 2012 highlighted a long list of concerns relating to the programme beyond the security threat, warning that it ran the risk of “replicating the problems of major government IT projects of the last 15+ years”.
One concern raised was: “[The programme] imposes a solution based on using single large suppliers with exclusive 10+ year contracts rather than being based on open standards, interoperability and an open marketplace.”
Another issue was: “The programme is following an old-style rather than agile procurement processes, and currently using a competitive dialogue restricted to a limited number of large suppliers able to meet the high procurement bar and long contractual period.”
Other suppliers subsequently involved include CGI, with an eight-year contract worth £75m to develop and operate the system controlling the movement of messages to and from smart meters. Arqiva and Telefonica have 15-year contracts worth £625m and £1.5bn respectively to establish regional wide area networks connecting the data application with gas and electricity meters.
The Cabinet Office made 31 separate recommendations suggesting significant changes to the smart meter programme in a wide range of areas – not just security – including a three-month “reset” period to reconsider the project. It is not clear which, if any, of those recommendations were implemented.
Halt, alter or scrap
The smart meter programme has come under increasing scrutiny in the past year as concerns grow about the likelihood of success. In March last year, the Institute of Directors called for the project to be “halted, altered or scrapped” immediately to avert an expensive IT failure.
In the same month, MPs on the Energy and Climate Change Committee said the plans were veering off-track. “Without a significant and immediate change to the present approach, the programme runs the risk of falling far short of expectations,” said committee chair Tim Yeo.