Threat actors could remotely compromise almost 35,000 internet-exposed solar power systems around the world, reports Cybersecurity Dive.
Most of the online solar devices developed by 42 different companies were in Europe and Asia, with Germany and Greece each accounting for 20% of the exposed equipment, according to a report from Forescout. Meanwhile, SMA's Sunny WebBox device, which has been leveraged for solar inverter performance data gathering, continued to be the most exposed solar power system online despite being deprecated a decade ago. Such a persistent threat posed by long-discontinued equipment highlights a significant risk for the energy sector, said cybersecurity experts, who also noted ongoing visibility challenges due to infrastructure sprawl. "Without full visibility into how these exposed assets communicate across environments, operators can't properly control them. As this becomes a more prevalent attack pathway, things like asset visibility and communication mapping will be a key requirement for protecting critical infrastructure," said Claroty Senior Product Manager Gary Kneeland.
Most of the online solar devices developed by 42 different companies were in Europe and Asia, with Germany and Greece each accounting for 20% of the exposed equipment, according to a report from Forescout. Meanwhile, SMA's Sunny WebBox device, which has been leveraged for solar inverter performance data gathering, continued to be the most exposed solar power system online despite being deprecated a decade ago. Such a persistent threat posed by long-discontinued equipment highlights a significant risk for the energy sector, said cybersecurity experts, who also noted ongoing visibility challenges due to infrastructure sprawl. "Without full visibility into how these exposed assets communicate across environments, operators can't properly control them. As this becomes a more prevalent attack pathway, things like asset visibility and communication mapping will be a key requirement for protecting critical infrastructure," said Claroty Senior Product Manager Gary Kneeland.
