A Texan hacker hacks smart meters to assess outages

The approach is original. A hacker, named Hash, wanted to know who had been affected by the giant power outages that occurred last February in Texas. Indeed, the state had to face a particularly intense cold wave (snowstorm) and unusual in this part of the United States. Some areas and businesses in Texas were not affected by the electrical blackout, but impossible to know about them despite the insistent requests from citizens and some lawyers.

Electricity suppliers are reluctant to give information deemed sensitive because it affects critical infrastructure (hospitals, 911 centers, etc.). Never mind, Hash chose another path to learn more. He found that smart meters from Austin Energy and other Texas companies are quietly emitting data that shows how long businesses and homes have been since their last power outage. This information could potentially reveal who has been cut off from power and who has not.

Mapping from meters that are a little too communicating

Hash’s discovery follows extensive analysis of counters manufactured by Landis+Gyr. Following the February snowstorm, the cybersecurity specialist collected, analyzed and deciphered the data flows circulating in Dallas’ immense network of smart meters. Afterwards, he drove off with an antenna to listen to several thousand smart meters.

Once the siphoning of the data was carried out, he indicated with a red dot on a Google Maps an identity sheet of the counters listed. It indicates for example the number of days elapsed since the last failure (represented by the height of the red dot), the GPS coordinates of the meters, as well as their identification number. It therefore suffices to see which are the highest red dots to know which areas or companies are protected.