Flawed Encryption Leaves Millions of Smart Grid Devices at Risk of Cyberattacks

Editor’s Note: Just consider this when the smart grid/Internet of Things gets going full steam. Your whole house will be hackable. The people running the show don’t entirely even know what they’re doing as they push us over the technological edge.

Millions of smart meters, thermostats, and other internet-connected devices are at risk of cyberattacks because they come with easily crackable encryption, a study has warned.

A paper by Philipp Jovanovic and Samuel Neves published in late April analyzed the cryptography used in the Open Smart Grid Protocol (OSGP), a group of specifications published by a European telecoms standards body. The protocol is used in more than four million devices, and said to be one of the most widely used protocols for smart devices today.

From encrypted instant messengers to secure browsers and operating systems, thees privacy-enhancing apps, extensions, and services can protect you both online and offline.

The results? Not great.

The researchers found that the “weak cryptography” can easily be cracked through a series of relatively simple attacks. In one case, the researchers said they could “completely” defeat a device’s cryptography.

The most common and trusted encryption standards use well-established, peer-reviewed cyphers that are open-source and readily available to inspect. Some have argued it’s the “first rule” of crypto-club. The problem for smart grid devices is that they don’t stand up to the scrutiny of the community.

(Read more at ZDNet)