Solar panels, once seen as a beacon of clean energy, are now facing a new threat – cyber attacks. Digital Watchdog RDI experts warn that hackers are specifically targeting the vulnerabilities found in inverters, which store energy for various devices.
A recent assessment by RDI revealed that none of the examined inverters from eight different manufacturers met even the most basic security standards. In addition, a report from the Norwegian foundation DNV highlighted the potential for photovoltaic inverters to be exploited for malicious purposes, including disrupting power lines, compromising surveillance networks, and impacting critical infrastructures.
The Growing Concern
The rapid growth of solar panel installations in Australia between 2015 and 2021, totaling around 16.3 million connected panels, has raised concerns. Shockingly, none of these installations met the cybersecurity standards established by RDI. This vast network of solar panels could potentially become a breeding ground for distributed denial-of-service (DDoS) attacks, posing a threat to critical infrastructures worldwide.
A notable incident involving a Ukrainian power grid exemplifies the potential dangers. Hackers successfully infiltrated a renewable energy generation grid through connected photovoltaic cells. Though Russian hackers were implicated, the authorities in Kyiv managed to thwart their efforts before further damage was inflicted upon other connected infrastructures. This incident serves as a wake-up call to the urgent need for enhanced cybersecurity measures.
Manufacturers play a crucial role in addressing this issue. They must actively offer products that comply with established photovoltaic cybersecurity standards to safeguard the entire solar panel ecosystem. Simultaneously, users must prioritize the implementation of these security features from the very beginning of their product usage.
By taking collective action, both manufacturers and users can contribute to mitigating the risks posed by cyber attacks.
The Consequences of Exploitation
With the increasing sophistication of connected technology in solar inverters, cyber criminals are presented with new opportunities. By exploiting vulnerabilities, they can introduce instabilities that lead to physical and financial damages not only to the inverters but also to any systems connected to them. The potential consequences are far-reaching, impacting the reliability of power systems, the stability of wind farms, the functioning of refineries, and even the availability of fuel supplies.
As solar panels continue to gain popularity as a renewable energy source, it is imperative that the industry addresses the pressing issue of cybersecurity. The vulnerabilities in solar inverters make them attractive targets for hackers seeking to disrupt critical infrastructures. By prioritizing the implementation of robust security measures, manufacturers and users can protect the integrity of solar panel systems, mitigating the potential risks posed by cyber attacks.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.