Smart Security and Privacy for the Smart Grid

Last week, security researcher Brian Krebs reported on an FBI bulletin warning that criminals are hacking smart meters. In the bulletin, the FBI warns that former employees of smart meter manufacturers and utilities have been reprograming residential and commercial smart meters to lower power bills. The FBI identifies one particular instance where a utility may have lost hundreds of millions of dollars due to this type of hacking.

While it is unfortunate that hacking of smart meters has taken place, it is not surprising. Where there is data and money, criminals will find a way to hack and steal. Indeed, criminals have been stealing from analog meters for decades as well.

However, criminal activity should not impede our adoption of important new technologies. For example, ATMs and online banking accounts are hacked today, but nobody is suggesting we should forgo the benefits provided by banks and retail websites. Similarly, smart meters offer consumers and society significant benefits, namely increased reliability, potentially smaller electric bills, and lower carbon emissions. These benefits should not be surrendered simply because digital progress comes with a risk of digital misuse.

Rather, the appropriate response is to focus on improving security and protecting privacy. With good policies and safety measures, we can minimize the risk and protect against loss. We need to recognize that absolute security is not possible. If the bar for technology adoption was set at 100% perfect, we would still be in the Dark Ages. We should take the FBI warning seriously and examine the research needed to minimize intrusions. By instituting reasonable security and privacy measures and building privacy and security into the design process, we can ensure that consumers reap the benefits of progress.