Cybersecurity and data have gone hand in hand since the emergence of the Internet of Things (IoT) and its subsequent transformation into an integral part of modern society.
You don’t need to be a tech expert to realise that the journey of technology has witnessed epochal evolution: from the first telegraph to the smart cities of the future, technology has been a critical part of our national infrastructure. Today, IoT, smart meters, smart cities are all part of our everyday conversations.
And its influence is pervasive – touching every aspect of our lives. The real-time impact of IoT is profound with Mission Critical IoT being the term used to describe the intelligent network that utility companies leverage to ensure near real-time integration of their water, electricity and gas networks.
The next question then is besides the technological and logistical challenges, how secure the new systems are?
The security of water, electricity and gas supply are major concerns for all utility providers. It would be simply catastrophic if a network outage occurred due to a security breach or as a result of the actions of hackers.
The idea of somebody hacking into a system and accessing data illegally is a huge concern for companies and individuals everywhere, none more so than when discussing data associated with a critical national infrastructure.
Utilities must take this matter extremely seriously and proactively seek to improve security throughout their networks. Implementing a robust approach in this regard is one of the main reasons that Sensus systems were chosen by the UK government as part of the DECC Smart Metering Implementation Programme.
The programme incorporates the delivery of over 17 million smart meters. Sensus’ network and radio technology passed through stringent analysis carried out by the government security service GCHQ, considered around the world to possess the most knowledgeable cyber security expertise.
If a mission critical IoT provider can adhere to such stringent standards, consider yourself in safe hands.
A common mistake occurs when companies utilise chipsets and plug-in boards that are readily available in the market, making the job of a malicious hacker incredibly easy. For example, a hacker can easily purchase the relevant board and then attempt to intercept data packets with little radio expertise or experience of radio construction/development. More concerning is that the educational tools with which to do this are readily available online as video tutorials and step-by-step guides.
Many of these boards have unprotected memory, multiple debug ports and poor AES implementations that can easily be compromised. What makes Sensus systems unique is that we carefully control the distribution of our radio frequency (RF) boards, ensuring they are not made available on the open market, thereby hindering would-be hackers.
The radio is by no means the only part of the network that can be maliciously attacked. Many hackers will attempt to gain access via the core network systems instead, irrespective of whether these are cloud-based or hosted in their own managed data centres. It is therefore important to review how security is implemented throughout the whole network and ensure that all internal and external communication is secure and protected.
All manufacturers recognise the importance of implementing and maintaining the highest levels of security within their networks, so it is not uncommon to see that most adhere to some sort of industry security standards and protocols.
Some often rest on their laurels once industry standard levels are ‘achieved’. However, it is not these standards themselves that are the most important aspect in delivering a highly secure system, rather it is how these security methods are implemented and integrated into the network solution.
If a utility is putting their trust into the hands of a supplier, they need to be sure that the best internal security guidelines are being adhered to. The smooth running of a grid is not only important to the company behind it - a utility - but to the customers who are dependent on their service.