The UK’s electronic intelligence agency has had to act with haste to secure smart meters destined for large scale roll-out, after a security loophole was discovered on the devices.
GCHQ intervened to change the original designs and save the £11bn nationwide system of smart energy meters against hackers on discovery of a fault, which meant all of the meters were given the same encryption key.
The communication channel between each meter and the utilities operating them was designed to be encrypted. But the encryption key — the code used to unscramble the data each meter sends and receives — was the same for all of them.
If a hacker was able to crack the key, they could potentially gain control of every meter, GCHQ feared, according to a senior Whitehall official. That would allow them to “start blowing things up” the official told the Financial Times.
Dr Ian Levy, the technical director of GCHQ’s communications electronic security group, said in a separate interview a number of security challenges surrounded the millions of gas and electricity smart meters being installed.
“The issue is will they let someone disconnect all the power to your house? Or can someone turn off the right number of meters in the right way to cause a collapse in the grid’s systems?” he said.
GCHQ is helping the Department of Energy and Climate Change to securely design the new metering system, one of the UK’s biggest IT projects in a generation.
Energy companies have already installed about 2m of the 53m smart meters due to be rolled out in homes and small businesses across the country by 2020.
The meters, which will cut greenhouse gas emissions and household bills, are to be hooked up to a custom-made data network linking the devices with energy utilities, due to go live in August.
[bc_video account_id=”1214147015″ player_id=”4790345439001″ video_id=”4802134506001″ min_width=”320px”]