A Closer Look at the Gaps in the Grid: New Vulnerabilities and Exploits Affecting Solar Power Systems
Distributed energy resources (DER), such as solar power systems, are rapidly becoming essential elements of power grids worldwide. However, cybersecurity for these systems is often an afterthought, creating a growing risk to grid reliability. While each residential solar system produces limited power, their combined output reaches dozens of gigawatts — making their collective impact on grid stability too significant to ignore.
Aimed at deployment in millions of households, solar power systems are designed for ease of use and can be managed remotely. To this end, we analyzed the products of multiple leading solar power system vendors. We discovered close to 50 new vulnerabilities affecting Sungrow, Growatt, and SMA. These vulnerabilities affect the whole solar power ecosystem, ranging from power inverters and network connectivity dongles to mobile applications and cloud backends. We will demonstrate a complete exploit chain that allows attackers to control a fleet of power inverters remotely, thus enabling a coordinated attack against power grids. We will also show how this type of attack is very hard to stop while it is in progress, making grid stabilization a tricky task and potentially forcing grid operators into crisis measures, such as emergency power generation and load shedding. We will then briefly discuss a potential “incident response” plan (spoiler alert: it would happen after sundown). As an added bonus, we will discuss discovered vulnerabilities that affect user privacy, allowing attackers to hijack user accounts and leak personal data.
While power grids belong to highly regulated critical infrastructure with stringent reliability requirements, most DER systems are “typical” IoT systems with “typical” security issues due to cost constraints and the overall low maturity of the technologies. We will conclude the talk with the ongoing DER risk mitigation initiatives and encouragement for security researchers to continue with the analysis of DER systems.
By:
Daniel dos Santos | Head of Security Research, Forescout
Francesco La Spina | Security Researcher, Forescout
Stanislav Dashevskyi | Security Researcher, Forescout
Full Abstract and Presentation Slides:
https://www.blackhat.com/asia-25/briefings/schedule/#a-closer-look-at-the-gaps-in-the-grid-new-vulnerabilities-and-exploits-affecting-solar-power-systems-43223