Tuesday, January 27, 2015

Good News On Smart Metering If "Real" Cyber Security on the Utility Companies Servers, If Not...

Good News on Smart Metering,
If Real" Cyber Security is on the
Utility Companies Servers, If Not...

Sadly most are using hardware and software that was not designed for what is going on regarding cyber security in the computer world today or even down the road. 

Fact:  Utility companies and the power grid are run by a mish-mash of computers and software designed twenty years plus ago, poorly updated, held together with Band-Aids and duct tape.  Even the operating systems are inconsistent, including the majority using out dated and unsupported Microsoft Windows 7.

Worldwide, our power grids are an important infrastructure and should not be so out dated.  This includes gas and water, meaning all utilities are vulnerable placing all of us in a financial quandary and possible life threatening position.

The Smart Meter is so Hackable it is a very real concern.  Not in the sense that the public is totally out there on their own, there is a required and demanded level of identity assurance for the client/customer.  This includes the data being collected on their usage of utilities and peaks and lows of their daily lives.

It goes much further than that, the utility is open for cyber abuse in the fact that the usage through that meter can be lowered and reflected in a loss of revenue for the utility company.  As Ethical Hackers, we know this as a fact and should be a concern to the shareholders, who are losing revenue and customers, who are bearing the brunt of others that are not paying their fair share.

Under reported energy usage is wide spread in Europe and is moving to other Nations by the day.

The security of a Smart Meter is handled by computer certificates, which are left wide open for the Hacker to step right in, either introducing additional software or computer code to make changes.

Smart Meter contain software, and or firmware, with encryption keys used to scramble all the information that the Smart Meter shares, once pinged, with "nodes" sitting within the utility distribution system, for billing purposes and predicting usage.

Using the keys and the unique identifier associated with each meter it becomes possible to spoof messages being sent from the power-watching device to a utility company.

These changes can be to the daily facility usage or even worse, when the Smart Meter is read electronically or pinged, the other inserted computer code can now enter the main data base and serves of the utility company, allowing a myriad of actions.  This includes control of the power, water or gas to a complete area, stealing customer’s financial data, turning off utilities to a residence or business and using this utility grid in a terroristic manner.
Smart Meters were hacked in a matter of 48 hours, this by the way, was an amateur hacker and was a simple and straightforward procedure.  One the cracking of the Smart Meter is completed, it is able to be replicated worldwide. 

Ok, let us get over the doom and gloom and resolve the issues, bringing all of us protection from Hackers, Phishers and Man in the Middle Brutal Attackers.  Smart Metering is a positive attribute to utility usage and cost effectiveness for both company, shareholder and importantly the customer.

CommSmart Global has the PROVEN TRUSTED REMEDY!

Firstly, this is not some new idea, it has been perfected, installed and secured in Europe for the last twenty years.  Developed by an Ethical Hacker to protect all Data in Motion.

Let us explain that we can make any device that you want to allow access of information from to be transmitted to your company in-house servers, programs and files.

Passwords are human, obsolete and have been forgotten, lost, stolen and shared so many times it is ridiculous to think that it affords any level of security.  In the last twelve months since the retailer Target was hacked and millions of accounts compromised, nothing has changed, it is still happening, PF Chang’s, Michael’s, Home Depot and now, Staples.  Those that have been brought out in the open and we must not forget the banking world and J.P. Morgan Chase and its cyber terrorism issues.

The likes of our Trusted Remedy, is a paramount move and is the base solution.  It is simplistic, secure and through utilization of dedicated servers within your corporation’s infrastructure, we can protect all data in motion

Building a Secure Gate Keeper that is second to none, on the front end is the key!

If it hasnt happen to you yet, it is not IF, but WHEN you will be affected!

You need a Trusted Remedy, Device DNA with a two factor authentication, using your device as the second factor generating a break-through 2 SSL peer to peer communication channel over any untrusted connection. 

Unlike a password, which anybody can type in, Device DNA is your actual devices, they are authenticated from day one and each time you sign in, they know it is you and your trusted devices.  Add Biometrics, if you so wish and it is an additional layer.

To simplify, Smart Metering is nothing more than Machine-2-Machine data conversation.  Ah, but leave the computer certificate door open and in comes the Hackers, who now have access to your full array of information.

TRUSTED REMEDY, here is a simple analogy, when you leave your hotel room, your room lock stays the same and opens the door the same way the next time you swipe the card in the lock.

Trusted Remedy is a lot different, as you shut the door, the key is changed on both ends and the original connection is replaced, without you doing a thing.  

The FACTS... Trusted Remedy, is a 2 factor authentication, acting as PKI in a Private Domain at nearly zero management!

Trusted Remedy, a two factor authentication, using your device as the second factor generating a break-through 2 SSL peer to peer communication channel over any untrusted connection.

The user automatically receives a short lived device certificate using a corresponding key pair in the range from 2048 through 4096 bit encryption which changes automatically next time. The authentication is via Device DNA, made up from the device components.  Short lived access keys configurable from minutes through hours, completely transparent to the end user and standard server configurations.

Trusted Remedy generates an intrusion proof data in motion invisible channel to protect the important data transference.

Those of you using key devices or tokens, they are gone!  Save the money, you have just increased your security dramatically.

Trusted Remedy maintains your security, for you!  You never change anything… just know you are protected.  So are your corporate secrets and personal data…

Installation, very simple and not a major time consuming operation.

The New Profit Center and Positive
Attribute for Your Customers Security.

Let us now take it one stage further, CommSmart Global has just created a new profit center for you.  You can offer the household or business protection for all devices for Data in Motion.  Up to ten (10) devices per account for a household.  Meaning, Smart Mobile Phones, Tablets, Phablets, Laptops and PC/Mac computers.  Business can be offered a slightly different plan to encompass all devices, especially if you have concerns for Bring Your Own Device (BYOD) issues.

The TRUST FACTOR just got brought to the forefront! 

Oh, is it affordable?  Of course, 3 (three Euros) per installation, per month, with up to ten devices protected.  Less than a cup of good coffee.
TRUSTED REMEDY has now increased customer satisfaction and increased your revenue stream.

Privacy is more important than ever and strategic planners and security managers can improve their targeted attack discovery capabilities using security information and event management, but this requires "lean forward" technologies and processes which CommSmart Global has.

Not matter how you are moving data or giving access, Trusted Remedy and its unique, Device DNA for authentication, verification and sign-on is available on all platforms NOW!


For more information please contact us 
for conversation for your issues.

telephone: +1 (614) 655-1247

copyright 2015