They weren’t manipulating customers it was fraud or outright forgery.Originally Posted by old4runner
They weren’t manipulating customers it was fraud or outright forgery.
Yes I do. Actually I know you can. I was a SMART grid software engineer for Honeywell in charge of the SRP 1/2 of Phoenix a few years AGO. The choice of ZIGBEE was not the best from a security standpoint. You have one or two meters in your local grid (neighborhood) that have actual broadband cell connections. The other meters use ZIGBEE to send thier data to those cell connected meters that is then pulled into the mgt system.
You can physically access the programming port on most SMART meters via a serial port or RJ45 jack. If you are smart with your code what you drop at that point can be really bad for the grid. Since the grid has those few cell connections to oversee thousands of end points gaining control of few lead points gains control over entire grid sections. Since this is cell com you can have it report to a new control system then you can drop all kinds of stuff from the backend DB and push it to the cell connected meters then down to the ZIGBEE connected ones.
It really is not that hard and that is what will hurt us.
Then you have the total lack of security of the software itself.
Sure, a guy could wreck havoc on the smart grid and billing system. I just know on our grid (and any following NERC/FERC), those meters aren’t going to be able to back end major breakers and cause large outages.
2020 Nitro Z20 Pro Package
This stuff is 12+ years old and not giving away any secrets but you cannot fix some things with tech because the human factor will get you. This is because no one wanted to maintain a password at a county level.
Then you do security audits and find passwords on the cell connected collector/meter set to nothing.... not even "password".
Attachment 490443
This one collector can send out signals to shut down any meter it has access to. Business, hospitals, water pumps.
Everyone is counting on the attitude you have... "no way no how" and it enables.
The best part of all of this for the power companies is they installed so much of the SMART grid stuff with the Obama stimulus money but we failed to tell them to spend it on the grid. They spent it on SMART meters so they could cut down on crews (It took 2 people to go on a physical disconnect) and not on the actual transmission grid which is what is the weakest link.
They can cut the power at the new style transformer/sub station for more granularly than before and can cut it before even hits your physical system without killing blocks or power like before.
Last edited by old4runner; 05-19-2022 at 09:48 PM.
There’s nothing in the world that gets hit harder by hackers than American financial institutions and the power grid. Thousands and thousands of attempts every day by various world powers and shadow enterprises with zero meaningful success. Either you’re a great poser (unlikely) or you do have some first-hand experience, which seems likely. If it’s the latter, your words and accusations prove you to be a disgrace and internet blow hard because you absolutely know that your statement that the grid is “easy” to hack and compromise is complete and utter crap. I’m embarrassed for you.
The following is from the risk assessment completed by NERC. California is part of WECC-CA/MX. The full report indicates that short falls are forecasted to begin in 2024 and additional sources of generation will be needed at that point.
NERC 2021 Risk Determination.pngCalifornia Risk Assessment Summary.png
Dave
2021 Triton 18TRX, Mercury 200 ProXS-4s
Lowrance Elite FS, w/ Active Target
Humminbird Helix 9 MEGA SI G4N
Humminbird Helix 9 MEGA DI G4N
All you have to do is go to youtube and you will see folks not form this country explaining how to use "metercat" which is how you program a lot of manufacturers meters (and who it listens to). This all can happen because folks don't believe it can it is not even very complicated. Then we don't know how to hold the power company responsible.
Hackers have shut down city systems here, took them 3 days to get it back up and everyone patted each other on the back because they are just not prepared. The recovery time for ransomware at the level should be a simple rollback of the system to before it was hacked. Transaction logs have all the stuff that was run against it since in a properly engineered environment. Rerun the transactions in a batch and good to go. Point in time recover tech like this is readily avail from folks like Netapp, HP, or IBM. It is a disk locking technology that involves no tape backups and should be mandatory for public utilities but we have politician and citizens making the wrong assumptions.
As far as your dressing down of me.... ehh who cares as it would not be the typical internet without it but I do get a kick out of how "you are embarrassed for me". That is internet 101 my man you got better than that don't ya?
Last edited by old4runner; 05-19-2022 at 11:35 PM.
Referencing YouTube. So you are a sad sack poser. Go away.
LMAO no.... and no I am not a poser at all. Call SRP and ask about me.
I am ready for any technical questions you have. Please go right ahead as you are obviously an expert to make the above assertions. Me believe you are posing more than anyone.
Last edited by old4runner; 05-20-2022 at 12:52 AM.
You are the third person I have seen recently, who referenced how the transmission grid is our weak link in our energy problems. The other times, they were discussing Texas's energy problem. Texas has alot of cheap energy from wind and solar, but because of the transmission grid, they can't get all the power available to areas that really need it resulting in massive price spikes. One area the energy is really expensive while another area several miles away they can't give away.
Thanos was the hero
As far as hacking our grid, sure it could be a problem. But do you guys not remember that major pipeline that was shutdown due to ransomware recently? We almost had to start rationing fuel then. Fossil fuel industry is not immune from hackers. And gas stations run on electricity too, so if hackers take down our grid, we're all S*** out of luck. ......................... Unless you have solar and an EV
Thanos was the hero
Again that was done through social engineering not a true hack. Close to 70% of malicious data breaches are caused through social engineering. People are the weakest link and it’s a numbers game the bad guys just need to find the right person to manipulate. The port scanning and vulnerability probing are done automatically on anything connected to internet.
Seems like we have a problem of to many people on this darn planet and in this country and in most states. Maybe we should stop subsidizing procreators and their offspring.
2020 Ranger 521L, Merc 250 Pro XS
CyberSecurity Truths
#1 - Your network/system is only as secure as the dumbest person you give user access.
#2 - If you can get out/they can get in.
Texas may also have a power problem this summer.
Tesla Asking Owners to Limit Charging During Texas Heatwave Isn’t a Good Sign (msn.com)
Last edited by smokewagon; 05-21-2022 at 04:39 PM.
2012 Stratos ChampioN 183 Elite
Mercury 175 ProXS
I would think most ev's get charged at night at home when electric demand is at its lowest.
Reply With Quote