Lloyd Alter on Treehugger.com notes the realization that our solar power arrays are vulnerable to hackers:
When new solar panels are installed, users should change any default passwords. The other really hack proof solution is to disconnect the inverters from the internet, which would remove the weakness completely.
“Solar producers should seek to isolate the products from the internet ASAP,” said Dave Palmer, director of technology at cyber-security company Darktrace to the BBC. “And [they should] also review their physical access security to reduce the risk of a local attack from someone physically breaking into their facilities.”
This is yet another example of how having everything connected to the internet, while really convenient, also introduces a host of new problems. For a clean energy smart grid to really take off, we’ll need protections in place, even down to the lowly power inverter.
Indeed. When I worked at a large industrial concern supplying software to the energy industry, I was amazed to find that we could directly access the energy systems of other states, even entire countries, via the Internet, diagnosing bugs in our software and fixing them.
It was certainly better than flying to Eastern Europe and sitting in a loud server room for hours on end.
But the security arrangements often bothered me. I wonder if the various energy management entities took those systems offline or not.