Security Incident Analysis in Electricity Metering Systems: Unauthorized Access to Smart Measuring Devices

Abstract

Intelligent energy systems employ smart metering to enable bidirectional communication among operators, distributed energy resources (DER), and end users. Components include Advanced Metering Infrastructure for consumption data; metering devices and controllers for monitoring; communication networks linking assets; SCADA, EMS, and DMS systems coordinating DER; and renewable sources for sustainability. These reduce losses and optimize the supply – demand balance, enhancing reliability. Integrating renewables requires adaptive control and predictive models, which improves decision-making processes. However, increased complexity enlarges the cyberattack surface. Millions of connected metering devices and controllers risk data integrity, confidentiality, and power delivery. Historical incidents illustrate this: RedEcho (attack originating from China, targeting India, 2021) used ShadowPad for exfiltration; Sandworm (Ukraine, 2022) targeted substation trip logic; Volt Typhoon (USA, 2024) conducted IT/OT reconnaissance; and Hydro-Québec (Canada, 2023) disrupted customer apps. Since the mid-2000s, research has examined vulnerabilities arising from IoT integration and decentralized resources, necessitating multi-layered security. Standards such as NIST CSF, IEC 62351, and NERC CIP recommend layered architectures with cryptographic protection, firewalls, IDS/IPS, access control, and network segmentation. AI and machine learning enhance anomaly detection via real-time telemetry, while blockchain offers immutable transaction records for DER platforms despite challenges in scalability and energy consumption. Emerging directions include Post-Quantum Cryptography for secure communications and Zero Trust for continuous verification. Comparative analyses reveal traditional methods – encryption, firewalls, IDS – lack adaptability and scalability against evolving threats. Future priorities include AI-based detection, blockchain-enabled architectures, PQC deployment, and phased Zero Trust adoption. Addressing implementation cost, data privacy, legacy-system compatibility, and regulatory gaps is vital for intelligent energy system resilience. This paper summarizes the challenges and proposed solutions for safeguarding critical infrastructure and ensuring international regulatory alignment. UDC: 004.056.5:621.317.78; JEL: L94, O33.