White hat hackers reveal vulnerabilities in European solar panels

[ad_1]

An ethical hacking attack on Dutch solar panels has exposed their vulnerability to cyberattacks, prompting calls from the industry for stricter security assessments.

Although wind turbines Highly networked and equipped with hundreds of sensorsSolar panels have traditionally been considered more susceptible to outside interference than solar panels, but one Dutch citizen may have proven otherwise.

A Dutch white hat hacker may have taken control of millions of smart solar panel systems. According to the investigation agency FollowTheMoneyusing the backdoor.

The results of the study confirmed Netherlands Agency Report 2023 The study found that converters are an important part of solar panels that deliver electricity to the grid and are usually connected to the network, but they “can be easily hacked, remotely disabled or used for DDoS (DDoS) attacks.”Distributed Denial of Service DDoS is one of the most common types of attacks, the basic purpose of which is to try to overwhelm a system.

SolarPower Europe, an EU industry association, said in a statement commenting on the hack that the EU “needs to develop stronger cybersecurity rules for distributed energy resources.”

Solar power accounts for a large share of Europe’s electricity grid From 1% in 2010 to 9% in 2023At the same time, the destructive potential of cyberattacks on solar panels has also increased.

“Installation that can be centrally coordinated or managed (e.g. aggregated rooftop solar installations) must be monitored by EU or national authorisation,” stressed Driss Aaker, deputy CEO of the lobby group.

one The report released by the European Union Cybersecurity Agency on July 24 The EU was found to be ill-prepared for a coordinated attack on its energy infrastructure, whether from foreign or internal malicious actors.

Because electricity is so important, any attack against Europe “would attract significant pre-targeting activity by advanced threat actors in the electricity sector” if their aim was “to launch a destructive attack”, it added.

Solar panels are seen as a weakness in several contexts, also due to the dominance of China as a country in the supply chain.

The industry says that while laws such as the latest version of the EU’s Network and Information Security Directive (NIS2) and the Cyber Resilience Act are a start, more action is needed: solar panels should be classified as critical products, meaning they would be subject to stricter assessment.

The concerns come as the EU’s own solar industry says it should receive preferential treatment to help it regain market share from Chinese rivals, citing cybersecurity concerns.

“Future-proof network requirements should be included in the EU Electrification Action Plan,” Ake said, adding that “Europe must learn from recent lessons on energy security and chart a secure path into the future.”