TelecomTV TelecomTV
  • News
  • Videos
  • Channels
  • Events
  • Directory
  • Smart Studio
  • Surveys
  • Debates
  • Perspectives
  • DSP Leaders World Forum
  • DSP Leaders
  • Great Telco Debate
    • |
    • Follow
    • |
    • Subscribe
  • |
  • More
  • Webcasts
  • Surveys
  • Debates
  • Perspectives
  • Great Telco Debate
  • |
  • Follow TelecomTV
  • |
    • Subscribe
    • |
  • About
  • Privacy
  • Help
  • Contact
  • Follow TelecomTV
  • About
  • Privacy
  • Help
  • Contact
  • Sign In Register Subscribe
    • Subscribe
    • Sign In
    • Register
  • Search

Internet of Things

Internet of Things

Free UK utility company smart meters are inherently insecure

Martyn Warwick
By Martyn Warwick

Nov 8, 2017

via Flickr ©  James Burrell (CC BY-ND 2.0)

via Flickr © James Burrell (CC BY-ND 2.0)

  • Gas and electricity providers get the benefits
  • Users get the worry
  • Home security all too easily compromised
  • A problem for the entire ecosystem, not just device manufacturers

UK residents in various parts of the the country are currently being bombarded with marketing emails and snail mail shots from their gas and electricity utilities cajoling them into making 'survey' appointments to have a free smart meter installed. The things are not compulsory and there is no legal requirement to have one fitted but you wouldn't know that from reading the disingenuous bumph cascading into inboxes and onto doormats. Smart meters are of real and tangible benefit to the utility companies operating in Britain's deranged gas and electricity markets but those accruing to individual households are much less tangible. What's more, smart meters are inherently and dangerously insecure.

Last year a malware attack resulted in more than 100,000 connected devices being taken over by a botnet that initiated a denial of service attack that briefly took down important sites and services such as Amazon, Netflix, PayPal and Twitter. It was a sharp and salutary reminder to IoT device manufacturers and those industries (such as the aforementioned gas and electricity utilities) that their handy little gizmos can easily be perverted into compromising home security.

Gone are the days when the modem and/or home router was the only electronic entry point into the domestic environment. Today the attack base has broadened to take in computers, remote servers, cloud services providers and on through to appliances such as fridges, ovens, washing machines, TVs and smart meters. Most systems are still entirely unable to tell the difference between a legitimate user or a botnet bent on causing a DDOS attack or stealing private data. It is no exaggeration to say that unless security is mightily tightened as IoT goes mainstream the infrastructure of the entire Internet could be open to compromise and collapse.

All this is very well known and has been for a long time, but now, even as smart meters and IoT devices are increasingly being installed in UK homes, the manufacturers of smart home devices have been very slow to address the problems inherent to unsecured smart home equipment. It's not just smugness behind the manufacturer's laggardly approach to security (although that does play a part), it's more that the sector is moving so quickly that security measures fall well behind the arrival of new devices and simply do not keep pace with the latest developments.

A problem for all concerned: who pays for security?

This problem is compounded because for manufacturers, ever keen to maximise their margins whilst attracting more and more customers with inexpensive devices, security has often been regarded as an expense that no one wants to pay for. Another militating factor is that IoT security is a complex matter because a wide variety of different technologies software and methods of connectivity are applied across complex networks and that makes security even more difficult. It is a problem that must be addressed. Research house Gartner calculates there will be 20.4 billion connected devices in situ by 2020.

Certainly parts of the problem can be addressed at semiconductor level. Silicon chips have security feature inbuilt (protected execution mode) but not all of them are 'turned on' or activated. They need to be. Then there are passwords; all too often default passwords are stored somewhere within a manufacturer's website and experience has shown that these can be all too easy to hack. It should also be possible to partition a device or system memory so that a part of it securely holds sensitive confidential data. But again, this costs money that manufacturers have been unwilling to spend.

Those are some of the problems at device level but, important though they are, they pale into comparative insignificance when compared to the dangers inherent in connectivity. Domestic smart home networks are made up of at least two and often more systems and that makes it all the harder to connect devices securely to connect to cloud services.

What is needed is some serious joined-up thinking on the part of all members of the ecosystem. Certainly the device manufacturers have a major role to play in ensuring that smart devices are secure but so too do other players such as ISPs, data centres and cloud providers. What is needed is secure chips, secure on-device communications, secure networks and secure clouds and until that happens the threats not only remain, they multiply. It's a disaster waiting to happen.

Related Topics
  • Analysis & Opinion,
  • Energy & Utilities,
  • Internet of Things,
  • News

More Like This

Digital Platforms & Services

It turns out IoT is a tech concept in search of a business model

Mar 4, 2021

Access Evolution

What’s up with… Broadband cord cutting, HPE, Deutsche Telekom

Mar 3, 2021

AI, Analytics & Automation

Siemens, IBM, Red Hat Launch Hybrid Cloud Initiative to Increase Real-time Value of Industrial IoT Data

Feb 24, 2021

Access Evolution

What’s up with… Global data capacity, chips, subsidies, Berkshire Hathaway

Feb 17, 2021

Access Evolution

Vodafone tests new highly accurate location tracking technology

Feb 16, 2021

Email Newsletters

Stay up to date with the latest industry developments: sign up to receive TelecomTV's top news and videos plus exclusive subscriber-only content direct to your inbox – including our daily news briefing and weekly wrap.

Subscribe

Top Picks

Highlights of our content from across TelecomTV today

18:24

How Zoom evolved in the pandemic era

26:24

Red Hat and HPE discuss how to support open multi-vendor 5G network slices

14:28

How RADCOM is helping Rakuten Mobile run its innovative 5G network

8:33

Monetizing innovative telco edge services

  • TelecomTV
  • Decisive Media

TelecomTV is produced by the team at Decisive Media

Menu
  • News
  • Videos
  • Channels
  • Directory
  • Smart Studio
 
  • Surveys
  • Debates
  • Perspectives
  • Events
  • About Us
Our Brands
  • TelecomTV Tracker
  • TelecomTV Perspectives
  • DSP Leaders
  • DSP Leaders World Forum
  • The Great Telco Debate
Get In Touch
[email protected]
+44 (0) 207 448 1070

Request a Media Pack

Follow
  • © Decisive Media Limited 2021. All rights reserved. All brands and products are the trademarks of their respective holder(s).
  • Privacy
  • Terms
  • Legal Notices