News Solartex
Advertisement
  • Home
  • CATEGORIES
    • Solar Panels
    • Solar Installation
    • Residential Solar
    • Commercial Solar
    • Solar Contractors
    • Solar Batteries
    • Solar Inverters
    • Solar Lightening
    • Solar Pumps
    • Accessories
  • MORE
    • CONTACT US
    • SOLARTEX USA
No Result
View All Result
  • Home
  • CATEGORIES
    • Solar Panels
    • Solar Installation
    • Residential Solar
    • Commercial Solar
    • Solar Contractors
    • Solar Batteries
    • Solar Inverters
    • Solar Lightening
    • Solar Pumps
    • Accessories
  • MORE
    • CONTACT US
    • SOLARTEX USA
No Result
View All Result
News Solartex
No Result
View All Result
Home Solar Contractors

Network security provider finds cyber vulnerabilities with three major inverter manufacturers

admin by admin
March 28, 2025
in Solar Contractors
0
Network security provider finds cyber vulnerabilities with three major inverter manufacturers
0
SHARES
1
VIEWS
Share on FacebookShare on Twitter

Share

Renewable energy sources, including solar power systems, are rapidly becoming essential elements of power grids throughout the world — especially in the U.S. and Europe. However, cybersecurity for these systems is often an afterthought, creating a growing risk to grid security, stability and availability.

New research from network security solution provider Forescout found an insecure ecosystem — with dangerous energy and national security implications. While each residential solar system produces limited power, their combined output reaches dozens of gigawatts — making their collective impact on cybersecurity and grid reliability too significant to ignore.

In the full report, Forescout reviews known issues and presents new vulnerabilities found on three leading solar power system manufacturers: Sungrow, Growatt and SMA. Forescout also discusses realistic power grid attack scenarios that could be executed and could cause emergencies or blackouts, and provides recommended risk mitigation actions for owners of smart inverters, utilities, device manufacturers and regulators.

Summary of findings

  • Forescout cataloged 93 previous vulnerabilities on solar power and analyzed trends:
    • There’s an average of over 10 new vulnerabilities disclosed per year in the past three years
    • 80% of those have a high or critical severity
    • 32% have a CVSS score of 9.8 or 10 which generally means an attacker can take full control of an affected system
    • The most affected components are solar monitors (38%) and cloud backends (25%). Relatively few vulnerabilities (15%) affect solar inverters directly
  • Due to growing concerns over the dominance of foreign-made solar power components, Forescout analyzed their common countries of origin:
    • 53% of solar inverter manufacturers are based in China
    • 58% of storage system and 20% of the monitoring system manufacturers are in China
    • The second and third most common countries of origin for components are India and the US
  • New vulnerabilities:
    • Forescout analyzed six of the top 10 vendors of solar power systems worldwide: Huawei, Sungrow, Ginlong Solis, Growatt, GoodWe, and SMA
    • Forescout found 46 new vulnerabilities affecting different components in three vendors: Sungrow, Growatt and SMA.
    • These vulnerabilities enable scenarios that impact grid stability and user privacy
    • Some vulnerabilities also allow attackers to hijack other smart devices in users’ homes

Impact on Grid Security

The new vulnerabilities, which have now been fixed by the affected vendors, could allow attackers to take full control of an entire fleet of solar power inverters via a couple of scenarios, as shown in the report:

Once in control of these inverters, attackers can tamper with their power output settings or switch them off and on in a coordinated manner as a botnet. The combined effect of the hijacked inverters produces a large effect on power generation in a grid. The impact of this effect depends on that grid’s emergency generation capacity and how fast that can be activated.

The example Forescout discusses in the full report is that of the European grid. Previous research showed that control over 4.5 GW would be required to bring the frequency down to 49Hz — which mandates load shedding. Since current solar capacity in Europe is around 270 GW, it would require attackers to control less than 2% of inverters in a market that is dominated by Huawei, Sungrow and SMA.

Recommendations

  • Treat PV inverters in residential, commercial, and industrial installations as critical infrastructure:
  • Owners of commercial and industrial installations should:
    • Include security requirements in procurement
    • Conduct a risk assessment when setting up devices
    • Ensure network visibility into solar power systems
    • Segment and monitor devices into their own sub-networks
  • Device manufacturers should:
    • Implement secure software lifecycle practices
    • Conduct regular penetration testing
    • Adopt security-in-depth strategies using web application firewalls
    • Use third-party audits of communication links based on standards, such as: ETSI EN 303 645, Radio Equipment Directive (RED) and Cyber Resilience Act (CRA)

News item from Forescout

Source link

Previous Post

Ubiquity Solar manufacturing in NY never starts, thin-film equipment now for sale

Next Post

NJBPU, Rutgers partner on new clean energy graduate certificate

admin

admin

Next Post
CS Energy, Luminace cover freshly capped New Jersey landfill with community solar

NJBPU, Rutgers partner on new clean energy graduate certificate

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected test

  • 23.9k Followers
  • 99 Subscribers
  • Trending
  • Comments
  • Latest
AIKO vs. Trina Solar Panels

AIKO vs. Trina Solar Panels

May 15, 2024
Solar Battery Covers | Cover My Inverter

Solar Battery Covers | Cover My Inverter

October 1, 2023
ADT Solar to close 22 of 38 branches

ADT Solar to close 22 of 38 branches

November 2, 2023
Adverse Weather Conditions Solar Panels

Adverse Weather Conditions Solar Panels

October 1, 2023
How many Solar Panels Do I Need?

How many Solar Panels Do I Need?

1
The 5 Best Solar Panels For Your Home or Business

The 5 Best Solar Panels For Your Home or Business

0
The Truth About German Made Solar Panels – Don’t Fall For The Scam!

The Truth About German Made Solar Panels – Don’t Fall For The Scam!

0
Electric Element vs Heat Pump Calculator – MC Electrical

Electric Element vs Heat Pump Calculator – MC Electrical

0
How to Stack the Federal and State Battery Rebates

How to Stack the Federal and State Battery Rebates

May 25, 2025
How NuSolas Energy Strengthened Field Ops

How NuSolas Energy Strengthened Field Ops

May 23, 2025
BREAKING: Solar Victoria’s Battery Loan Is Ending – And What It Means for You

BREAKING: Solar Victoria’s Battery Loan Is Ending – And What It Means for You

May 23, 2025
Maximise Your Federal Battery Rebate with GoodWe Lynx F G2 Batteries

Maximise Your Federal Battery Rebate with GoodWe Lynx F G2 Batteries

May 23, 2025

Recent News

How to Stack the Federal and State Battery Rebates

How to Stack the Federal and State Battery Rebates

May 25, 2025
How NuSolas Energy Strengthened Field Ops

How NuSolas Energy Strengthened Field Ops

May 23, 2025
BREAKING: Solar Victoria’s Battery Loan Is Ending – And What It Means for You

BREAKING: Solar Victoria’s Battery Loan Is Ending – And What It Means for You

May 23, 2025
Maximise Your Federal Battery Rebate with GoodWe Lynx F G2 Batteries

Maximise Your Federal Battery Rebate with GoodWe Lynx F G2 Batteries

May 23, 2025
News Solartex

©2024 SOLARTEX USA LLC

Navigate Site

  • Home
  • Categories
  • Privacy Policy
  • Term of Use
  • Contact Us

Follow Us

No Result
View All Result
  • Home
  • CATEGORIES
    • Solar Panels
    • Solar Installation
    • Residential Solar
    • Commercial Solar
    • Solar Contractors
    • Solar Batteries
    • Solar Inverters
    • Solar Lightening
    • Solar Pumps
    • Accessories
  • MORE
    • CONTACT US
    • SOLARTEX USA

©2024 SOLARTEX USA LLC

Cleantalk Pixel