One of the biggest concerns for smart grid developers is cyber security due to the reliance on IT
communication networks. While the current grid is not immune to energy theft, fraud and malicious cyber attacks, the smart grid poses new security issues. It is more likely now that theft, malicious attack and fraud will be committed by people working remotely from a laptop several miles away, even in a different country, than someone physically manipulating meters. This makes it difficult to predict where attacks will come from. Since the grid was first implemented in the US residents have stolen energy through various methods such as bypassing meters, using strong permanent magnets to slow meters down and inverting meters for a few days so that they run backwards. Committing malicious disruptions to the grid is relatively easy.
Many substations in the US and the rest of the world are not well guarded and a man with a gun could easily fire several shots and bring the grid to a standstill. On a par with a tree fall or bad weather conditions causing disruptions to the grid system. Several attacks on energy assets have been reported in recent years. Already there have been reported attacks on the US grid system from China and Russia, with the US Intelligence service rather than the utilities discovering most of the attacks. One major issue for the prosecution of cyber-attacks is that the perpetrators of the crime may be located in a different country to where the attack occurred.
The main weaknesses in the smart grid system have been identified as smart readers and substation routers. A study by the IOActive found that many of the smart meters implemented lack encryption software or ask for user authentication. Therefore it is relatively easy to hack into the meters and manipulate meter readings.