Threat intelligence firm Cyble discovered that over 130,000 photovoltaic monitoring and diagnostic solutions are exposed to the public internet. These tools provide grid operators with real-time data regarding the efficiency, connectivity, and integration of photovoltaic systems. Internet exposure increases the risk of a cyberattack.
Many solar systems rely on IT and networking infrastructure for monitoring, remote diagnostics, and power management. Internet-accessible photovoltaic monitoring systems face the same risks and varieties of cyber attacks as any other internet-exposed critical infrastructure element. Systems with outdated firmware and unpatched vulnerabilities might allow threat actors to gain access to industrial control system environments and deploy credential-extracting malware. Attacks are also capable of reducing energy production, destabilizing systems, and even damaging physical assets. While internet-connected photovoltaic monitoring systems are not inherently more vulnerable to cyberattacks, the vast number of them available online raises their appeal to threat actors.
Read More: