Recent research reveals severe cyber security risks within the solar supply chain, exposing vulnerabilities and potential cyberattack scenarios. The risks range from ransomware attacks on large solar installations to the threat of state actors who can sabotage energy supplies. A Dutch hacker showed that millions of solar power systems are vulnerable. This highlights the need for improved cyber resilience and the availability of innovation subsidies for a more secure energy infrastructure.
Why this is important:
New research reveals the vulnerabilities in the fight against cyber attacks on solar energy systems. The study, published today, was conducted by cybersecurity experts from Secura and energy experts from the Top Sector Energy, commissioned by the Netherlands Enterprise Agency.
Weaknesses in the solar panel supply chain
The solar power supply chain has several weaknesses that could lead to large-scale problems for energy supply and data privacy. This is reinforced by the recent discovery of a Dutch hacker who was able to potentially disable millions of solar power systems, according to Follow The Money.
The study, conducted with literature and expert interviews, presents three scenarios in which solar security is at risk. The first scenario involves a cloud portal attack, in which cybercriminals gain access to multiple large installers’ accounts. This scenario highlights the importance of strong authentication and access controls in the industry.
The threat of cyber attacks
The second threat arises from software updates to inverters that can provide cybercriminals with unintended access. Inverters that retain default passwords after installation are an easy target in this regard. This highlights the importance of cybersecurity measures throughout the manufacturing and distribution process of solar equipment.
The third and most worrisome threat is a supply-chain attack from state actors. At a time when geopolitical tensions are running high, taking down vital infrastructure via hacked solar equipment poses a real risk. This underscores the urgency of international cooperation and cybersecurity standards in energy infrastructure.
Grants for Safer Energy Chains
Facing these threats requires a comprehensive approach. Innovations and new knowledge are essential for securely connecting smart energy devices. Top Sector Energy plays a vital role in sharing knowledge and bringing the parties together.
In addition, the government encourages increasing cyber resilience with a subsidy scheme. This is aimed at developing more secure technologies within energy chains. Making these grants available is a clear step forward toward a more resilient solar energy sector.
Digital vulnerability and societal impact
The revelations of the Dutch hacker show how closely intertwined our digital and physical infrastructures are. This raises concerns about the security of data generated by solar energy systems. With increasing reliance on technology for our energy supply, data loss or misuse risks are increasing.
Recent discoveries surrounding the cybersecurity of solar power systems are calling for action. This complex challenge requires not only technical solutions but also awareness and cooperation at national and international levels. The future of our energy supply depends on the steps we take now. The security of our infrastructure must come first. The alarm bell being sounded now is a clear signal that there is no time to lose.