As more households embrace green energy and install solar panels, they could unknowingly be exposing their home networks. Most of the solar systems include apps which can be used to track the efficiency of your solar generation. Your home solar system would be connecting to the manufacturer’s server to send data that is displayed on the app. These monitoring and diagnostic systems are used from remote performance monitoring, troubleshooting, system optimisation and other functions. Just how secure are those systems? Security researchers are warning that over 130,000 solar energy monitoring systems from a variety of manufacturers are exposed to the internet. The researchers said that while internet exposed systems are not necessarily vulnerable or misconfigured in a way that allows attackers to interact with them, they do provide information, including settings to unauthenticated visitors that could be used to mount an attack. There have been a number of reported vulnerabilities against those systems with some in active exploitation. One of them allows for unauthenticated remote command injection. Make sure your system is always up to date, use strong passwords, activate multi-factor authentication and segregate the system by isolating it to its own VLAN.
This segment was created for the It’s 5:05 podcast