Could switching smart meter readings to every half hour put your home at risk of being BURGLED?
That’s the warning from cyber experts – but suppliers insist devices are safe
ANYONE who has installed a ‘smart’ meter to keep a regular eye on their consumption of electricity and gas is being warned the device could increasingly become a target for hackers. Changes in the way energy companies take data from the meters mean hackers could use the information to plan burglaries when it indicates the occupants are away. Currently, a smart meter reading is typically taken every month remotely by an energy supplier. This is done via radio waves with the information sent to a company head office hub.
But new rules introduced by energy regulator Ofgem mean firms can now offer to take the data daily or even as often as every half hour – so 48 times in a day. This means criminals could potentially get hold of far more detailed data on a household’s energy consumption than previously.
For example, when electricity and gas usage is low, it might indicate to a criminal that the home is probably unoccupied and therefore an easy target for burglary.
Industry experts fear it is only a matter of time before criminals are able to break into smart meter systems and misuse the personal data.
NICK Hunn, a strategist for technology firm WiFore, says: ‘Smart meters are vulnerable to hacking – with the encrypted security measures for communication in some of them providing little more than a sticking plaster against a cyber hack.
‘Changes enabling companies to take more regular meter readings provide a greater opportunity for criminals to work on decoding the smart meter system – and find out when people are not at home.’
Trade body Smart Energy GB insists the smart metering system in the UK has been ‘specifically designed to prevent hacking’. There have been no known hacking instances with smart meter data so far. Ofgem’s changes, announced in May, are designed to enable utility companies to introduce so-called ‘time-of-use’ tariffs – balancing charges, with higher rates for energy use at busy times such as early evening; and lower ones at quieter times, such as in the middle of the night. Time-ofuse tariffs are likely to be rolled out over the next three years. Ofgem says customers will still be given the option to ‘opt out’ of this new tariff system if they don’t want to be charged in such a way.
Colin Tankard is managing director of security firm Digital Pathways. He also believes it is only a matter of time before criminals start breaking into smart meter systems. The regular feed of data from households, he says, will fuel this criminal activity as they seek
to use it for their own gain. Tankard says: ‘No technology is totally secure.’
He adds: ‘The encryption between the smart meter and the small energy reader that customers look at to see how much energy they are using is the weakest link as it is relatively basic – and therefore easier to hack. It could be a useful tool for burglars.’
Although the encrypted radio waves, which companies use to protect the data they take from smart meters, are harder to break into, Tankard says that with more frequent readings being taken, criminals might believe it is worth investing more time and effort into finding ways to crack it.
He says the information they glean might be valuable on the Dark Web. This is where criminals trade in stolen data.
Full details of a household’s energy use could be sold for hundreds of pounds – with criminal gangs harvesting such information.
Chris Oakley is vice president of technical services at the cybersecurity firm Nettitude. He says: ‘Occasionally, smart meters have a glitch, resulting in customers receiving erroneous bills. These issues usually get sorted out quickly, but it demonstrates that these meters are vulnerable.’
Consumer group Which? said that households are right to have security concerns – although it added that customers can still dictate how their energy usage data is handled and whether they want a smart meter installed or not.
Sue Davies, head of consumer protection policy, said: ‘Understandably, people might have concerns about exactly how their energy usage data is being used – and how secure smart meters are.’
She added: ‘If consumers are worried about where the data from their smart meter is going, and how often it is taken, they have some control over what is shared.
‘You can tell your gas and electricity supplier they cannot use the data for sales and marketing – or share the consumption data with others.
‘You can also specify how frequently your meter sends data to the supplier – although monthly is still the minimum.’ Unless a smart meter has already been installed, customers also have the choice of whether they want one fitted or not.
Smart Energy GB is the Government-funded body that promotes smart meters. On Friday, it told The Mail on Sunday: ‘Security has been at the heart of the smart meter rollout programme from its inception – and the system has been specifically designed to prevent hacking.’
It insisted that changes to the frequency of how often smart meters are read will not change this.
Smart Energy GB added: ‘Halfhourly readings are an option for smart meter owners. Depending on how often a customer has agreed to share readings with their supplier, a smart meter will currently send half-hourly, daily or monthly meter readings.
‘Time-of-use tariffs will financially reward customers who use energy when demand is low. Opting to move to such a tariff is entirely the choice of the consumer, not the energy supplier.’
Ofgem echoed Smart Energy GB’s line, stating the changes would not affect the security of smart meters.
It claimed a move to ‘time-of-use’ tariffs could save households £4.6billion over the next couple of decades by encouraging people to use more energy at non-peak times – such as late at night – and less during the day.
Ofgem said: ‘Smart meters give consumers the ability to view near real-time information on their energy use in pounds and pence. Data access has been a major consideration.
‘Our approach is underpinned with a desire to maintain a fair and proportionate balance between the rights of individual consumers to control access to their personal data and the need to maximise the benefits that smart meters can provide.’
AMONG the suppliers offering to move customers across from monthly to daily readings is French stateowned EDF. It has been sending letters to new homeowners in recent weeks providing this option.
But EDF would not comment on how many customers are agreeing to switch to more regular readings. Nor would it comment on any heightened security risks surrounding the data it is taking from customers.
Other suppliers are equally coy. British Gas would only say: ‘We have no immediate plans for timeof-use tariffs.’
It would not provide details of how secure its smart meter reading system is. Eon failed to respond to requests for a comment.