- Insecurity solar systems allow cybercriminals to steal data and ransom access
- Millions of solar waves remain vulnerable to threats of serious cybersecurity
- Forescout – Vedere discovers the defects allowing attackers to take total control of solar systems
The growing use of solar energy has exposed critical cybersecurity vulnerabilities in inverters, cloud computing services and surveillance platforms, creating an unsecured ecosystem where pirates can handle energy production, disrupt electricity networks and steal sensitive data, posing serious risks to global energy infrastructure.
A study by Forescout – FEDERE LABS has identified 46 new vulnerabilities in three main manufacturers of solar inverters, including Sungrow, Growatt and SMA. The previous results have shown that 80% of the reported vulnerabilities were high or critical in gravity, some reaching the highest CVSS scores.
In the past three years, an average of 10 new vulnerabilities have been disclosed each year, with 32% bearing a CVSS score of 9.8 or 10, indicating that attackers could fully compromise the affected systems.
Millions of solar energy systems are faced with security risks
Many solar inverters connect directly to the Internet, making it easy targets for cybercriminals. The attackers can use obsolete firmware, low authentication mechanisms and unacyed data transmissions to take control.
The APIs exposed allow hackers to list user accounts, to reset identification information (ideally stored in password managers) to default values and to handle the inverter parameters, leading to power disturbances.
In addition, the references of unsecured objects and the vulnerabilities of script of cross-sites (XSS) could expose user emails, physical addresses and energy consumption data, violating confidentiality regulations such as the GDPR.
Beyond the instability of the network, compromise inverters create other risks, including data theft, financial manipulation and diversion of the intelligent house – certain vulnerabilities allow attackers to take control of electric vehicle chargers and smart traffic jams.
Cybercriminals could also change the inverter parameters to influence energy prices or require ransom payments to restore the system’s functionality. Consequently, the report recommends that manufacturers should prioritize the fixes, adopt secure coding practices and carry out regular penetration tests.
The implementation of web application firewall (WAFS) and adhesion to cybersecurity executives such as the NIST IR 8259 could help to mitigate risks.
Regulators are also invited to classify solar inverters as critical infrastructure and apply safety standards such as ETSI in 303,645 to ensure compliance with best practices.
For owners of solar systems and operators, securing installations requires isolation of solar devices on separate networks, activation of safety monitoring and the following directives of organizations such as the US Energy Ministry to reduce risks.
Installation of the best antivirus The software adds an additional layer of defense against threats, while deploying the best protection of ending points The solutions also guarantee connected cyber attacks targeting solar infrastructure.
