Hacking The Grid Through Air Conditioners

With the months-long power outage in Crimea, the world saw how easy it is to leave an entire region with no electricity. Attacks on electricity infrastructure could target power lines, plants, substations and more. Researchers have now found another way to attack the grid, and it’s decidedly modern and terrifying: remote manipulation of home and office air conditioners to create a surge.

To achieve the hack, attackers would target remote shut-off devices installed by utilities on air conditioning units to preserve power during summer peaks. Many utilities offer discounted rates to customers who agree to install the devices, which allow power companies to remotely turn off air conditioners during peak summer usage – when it’s particularly hot outside and demand outstrips supply.

Thomas Kinsey of Exigent Systems and Vasilios Hioureas of Kaspersky Lab, who conducted their research as part of the Securing Smart Cities initiative, told Wired that the devices are very vulnerable to manipulation by hackers.

When the system is working properly, an operator at an electrical control centre sends out a signal via radio frequency that is then amplified and resent through repeater stations spread around the city until it reaches the devices and shuts down the air conditioners. The systems examined by Kinsey and Hioureas don’t actually encrypt the commands, and have no mechanisms to authenticate the origin of the signal. This leaves the system open to abuse by anyone who can emit a stronger signal than the one sent out by the utility.

“Anyone with $50 can generate a signal that can trump a repeater [to take out a few air conditioners]; and anyone with $150 can generate that through an [amplifier] and presumably take out a whole neighborhood,” says Kinsey. “And obviously you can scale that up as much as you want to [depending on the strength of your signal].”

The attack requires little skill. A hacker would only need to make sure he’s on the same frequency as the power company to be able to record and resend the specific commands the utility employs.

“This is the funny part, to show how ridiculously insecure it really is, you don’t have to even know anything or reverse-engineer anything and you can reproduce the result [by doing a replay attack],” says Hioureas.

This sort of hack could have devastating results. An attacker could shut off air conditioning in the homes of the elderly, who struggle to cope with excessive heat, or turn air conditioners on during peak times to create a surge that could lead to a blackout, leaving many without power.
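The two gaps described above, no origin authentication and no protection against a recorded command being resent, can be seen from the receiver's side in the following sketch. It is an added example, not code from the researchers or from any utility: the frame layout, command codes, key and class names are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"     # assumption: secret provisioned in each device
CMD_OFF, CMD_ON = 0x00, 0x01      # hypothetical command codes
BODY = struct.Struct(">HBQ")      # hypothetical layout: group, command, counter
TAG_LEN = 16                      # truncated HMAC-SHA256 tag

def make_frame(key, group, command, counter):
    """Control-centre side: frame body followed by an authentication tag."""
    body = BODY.pack(group, command, counter)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class LegacyReceiver:
    """The behaviour the article describes: any well-formed frame is obeyed."""
    def accept(self, frame):
        return len(frame) >= BODY.size

class AuthenticatedReceiver:
    """Obeys a frame only if its tag verifies and its counter is fresh."""
    def __init__(self, key, group):
        self.key, self.group = key, group
        self.last_counter = -1    # must be kept in non-volatile storage

    def accept(self, frame):
        if len(frame) != BODY.size + TAG_LEN:
            return False
        body, tag = frame[:BODY.size], frame[BODY.size:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):   # constant-time compare
            return False                             # forged or altered frame
        group, _command, counter = BODY.unpack(body)
        if group != self.group or counter <= self.last_counter:
            return False                             # wrong group, or a replay
        self.last_counter = counter
        return True

def demo():
    """Feed the same constructed traffic to both receivers."""
    legit = make_frame(KEY, 7, CMD_OFF, counter=1)
    forged = make_frame(b"not-the-key", 7, CMD_ON, counter=2)
    flipped = bytearray(make_frame(KEY, 7, CMD_OFF, counter=3))
    flipped[2] = CMD_ON                              # command byte altered in transit
    traffic = [legit, legit, forged, bytes(flipped),
               make_frame(KEY, 7, CMD_ON, counter=4)]
    old, new = LegacyReceiver(), AuthenticatedReceiver(KEY, group=7)
    return [old.accept(f) for f in traffic], [new.accept(f) for f in traffic]

if __name__ == "__main__":
    print(demo())
```

Authentication of this kind stops forged and replayed commands from being obeyed; it does nothing about a stronger transmitter drowning out the utility's signal, which remains an availability problem.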