News item

Global solar power infrastructure at risk of remote sabotage

As the world moves toward renewable energy, the spotlight is increasingly turning to the digital systems that enable this transformation. Solar power - one of the key pillars of clean energy - depends on networked inverters and control platforms, which are becoming an attractive target for cyberattacks, leading experts to call for security improvements.

Daphne Frik
8 April 2025 | 2-minute read

Severe systemic security weaknesses

Researchers from cybersecurity firm Forescout have uncovered 46 vulnerabilities in solar inverters from three leading vendors: China-based Sungrow and Growatt, and Germany-based SMA Solar Technology. The researchers also found that 80% of vulnerabilities in solar power systems disclosed in the last three years were classified as high or critical severity.

These findings reveal severe systemic security weaknesses in the solar ecosystem that could impact power grid stability, utility operations, and consumer data privacy, Forescout said. 

Vulnerabilities

The vulnerabilities included information leakage, buffer overflows, and defects in website code.

Growatt inverters were particularly exposed due to fundamental weaknesses in the company's cloud platform, the report found. These issues could have enabled hackers to access and alter Growatt devices without needing to log in. According to Forescout, one flaw allowed attackers to "upload arbitrary files" to the platform, while another revealed lists of authorized users.

According to the report, attacks on Sungrow and SMA inverters were more complex but still took advantage of fundamental security oversights, such as hardcoded login credentials and stack overflow vulnerabilities. One SMA website was misconfigured, allowing unauthorized code execution, while a Sungrow Android app failed to validate security certificates and relied on weak encryption - leaving it vulnerable to man-in-the-middle attacks.

The vulnerabilities could allow hackers to gather information about the equipment and its users, manipulate data within web portals, and even overwrite device firmware with malicious code.

Concerning cybersecurity results

As early as 2023, the RDI (National Inspectorate for Digital Infrastructure) warned about the vulnerabilities of solar panel inverters.

Their research revealed that none of the nine solar inverters tested met essential standards across safety, cybersecurity, or administrative requirements. Five inverters posed a risk of malfunction, potentially interfering with everyday devices like wireless door tags, and even affecting aviation and maritime systems. Cybersecurity results were particularly concerning, with all devices vulnerable to hacking, remote shutdowns, DDoS attacks, and data theft. Additionally, none of the inverters complied with administrative standards, lacking user manuals and manufacturer contact information necessary for proper consumer support.

These vulnerabilities can cause the solar panel inverters to interfere with other wireless devices or to be hacked. The RDI therefore advised customers to purchase an inverter with a CE marking, to be alert to malfunctions, and to report these to the supplier.

To increase security, the RDI also advised, among other things, securing inverters with strong passwords and performing regular updates.