solar panel
August 8, 2017 by

Serious Vulnerabilities found in Solar Panels can shut down the Power Grids

Serious vulnerabilities found in solar panels could actually lead to a shut down in power grids. Attackers can take advantage of the critical flaws present in solar panels, specifically photovoltaic panels sold by SMA, to exploit them, eventually shutting down a majority of power grids in Europe.

The present of these vulnerabilities was found by Dutch security researcher, William Westerhof. He determined there to be 21 vulnerabilities to be present in the Internet-connected inverters, which turns direct current into alternating current (AC). Out of the 21 vulnerabilities, 14 were found to be CVE identifiers or Common Vulnerabilities and Exposures. The research is called, ‘Horus Scenario’, is named after the Egyptian god of sky, referring to the potential cyber-attack, solar panels and triggering massive outages across power grids. The vulnerabilities were first exposed privately to SMA in December 2016. In January 2016, he revealed details of a potential attack on photovoltaic inverters and its disastrous effects on governmental institutes and power grid regulators. If exploited, the poorly designed power grids will have a quick and long-lasting impact across countries. Many countries have interconnected power grids, to draw power from each other in case of an emergency.

However, if the vulnerabilities are taken advantage of, this could mean numerous countries will be knocked offline. Westerhof stated: “The power grid needs to maintain a constant balance, between supply of power, and demand of power. If supply exceeds demand, or demand exceeds supply, outages can occur. In order to maintain stability all sorts of countermeasures exist to prevent outages due to peaks or dips in demand or supply. Under normal circumstances, these countermeasures ensure grid stability. There is however a limit to these countermeasures. A maximum peak or dip value in a specific period of time. If an attacker is capable to go beyond this maximum peak or dip value, outages will occur.” In other words, an attack can occur due to an imbalance in the power grids. Power grids need a constant balance between the supply and demand of power, if this balance is disrupted.

Researchers explained: 

“In the worst case scenario, an attacker compromises enough devices and shuts down all these devices at the same time causing threshold values to be hit. Power grids start failing and due to the import and export of power cascading blackouts start occurring. Several other power sources (such as windmills) automatically shut down to protect the grid and amplify the attack further. Despite their best efforts power grid regulators are unable to stop the attack. It is only after the sun sets (or when there is no longer enough sunshine for the attack to take place) that the grid stabilizes again. Depending on the authorities’ way of dealing with this attack, this scenario may keep going for several days.”

A country like Germany, which demands on photovoltaic panels for 30-50% of its power demands, an attack could potentially take out half of the country’s power.  Fortunately, since the time Westerhof reported these details to SMA in December, Westerhof has been working alongside the company, power grid regulators and government officials to place counter measurements to the vulnerabilities. SMA has now issued patches to fix the vulnerabilities in their kits and provided their customers with patches as well.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Fake SWIFT Service Emails Delivers Adwind Remote Access Trojan

An email phishing campaign has attempted to infect unsuspecting victims with the Adwind...

Read more arrow_forward

Tesla’s Cloud Account Hacked to Mine Cryptocurrency

Tesla’s cloud environment has been exploited by hackers who used the computational power to mine...

Read more arrow_forward

Snapchat Phishing Attack Swipes Credentials of Over 50,000 USers

Details have emerged on a phishing attack which saw hackers steal the credentials of over 50,000...

Read more arrow_forward