Why Cybersecurity for Solar Is Crucial — And Difficult

by Zac Amos, March 16th, 2024

Too Long; Didn't Read

Because solar infrastructure provides essential services and is often run by government entities, it experiences a higher rate of cyberattacks. Successful attacks can reduce power output, cause blackouts, or create permanent physical damage. To boost solar cybersecurity, implement the principle of least privilege, network segmentation, intelligent automation technology, and security information and event management.

A successful cyberattack targeting solar infrastructure could adversely impact convenience, safety, and national security. While the price of inaction is high, many modern panel arrays lack basic security controls and are vulnerable. Cybersecurity can be the solution.

Why Is Cybersecurity for Solar Equipment Crucial?

Without more resilient cybersecurity for solar, cities across the country are at risk. Critical energy infrastructure relies on solar panels, meaning a single well-placed cyberattack could cause widespread blackouts.

Smart cities and homeowners with solar panels aren’t the only ones affected, either. Solar adoption rates have accelerated rapidly in recent years, meaning everyone getting their electricity from a utility-scale power plant has the potential to be impacted.

Another commonly overlooked reason solar cybersecurity is crucial is the country’s reliance on satellites. Most of them use solar array systems to convert sunlight into electrical energy, powering their payloads and processes. Low-orbit satellites are used in everyday life for communication and military surveillance.

While many people only consider power plants and panel arrays when they think about cybersecurity for solar, the truth is many more critical technologies and infrastructure can be affected by cyberattacks.

The federal government has grown concerned with solar cybersecurity and wants to find a solution. The United States Department of Energy has made it a priority, describing it as critical for national security and the country’s economy.

The Major Challenges of Solar Cybersecurity

For decades, solar’s cyber-risk was insignificant because the technology was relatively rare and unadvanced. Now that adoption is widespread and digital transformation has accelerated, more components have become interconnected — meaning they’ve become much easier to hack.

Realistically, solar operations are always at risk of a breach regardless of how strong their defenses are. Infiltrations and hacks are inevitable when human error and security gaps exist. Still, the chance of a successful attack is higher than it should be.

More solar photovoltaic inverters — components that convert the direct current produced by solar panels into a usable alternating current — are becoming Internet of Things (IoT) devices. This interconnectedness and always-online state make them vulnerable to cyberthreats.

A single inverter can spread malware throughout an entire solar array, even if it isn’t an IoT device. Whether an employee plugs in an infected USB or someone falls for a phishing attempt, the initial infection can progress as long as the components are interconnected.

Inverters aren’t the only component lacking adequate security. Most supervisory control and data acquisition (SCADA) systems — computer networks for equipment supervision — have numerous physical and cyber vulnerabilities.

The U.S. Cybersecurity and Infrastructure Security Agency warns that SCADA systems are exposed to a critical vulnerability that allows hackers to create, overwrite, or delete files without authentication or authorization. Unfortunately, the operational technology (OT) that solar infrastructure relies on has numerous well-documented — and largely unaddressed — weaknesses.

On top of everything else, solar infrastructure is likely to experience ransomware and distributed denial-of-service attacks because it provides essential services and is often run by government or city entities. Hackers target it at a higher rate because of the possibility of a big payout.

How Hackers Target and Attack Solar Equipment

Previously unknown cyberthreats emerge as more solar panel arrays and utility-scale power plants come online. The risk of cyberattacks increases as adoption increases and OT becomes more reliant on the IoT for monitoring, information exchange, and control.

Even something as minor as infrequent patches and missed updates enables hackers to intercept and manipulate inverter data. They’re often quick to exploit these vulnerabilities to gain an edge for launching future cyberattacks.

Since low-orbit satellites lack basic security controls, they’re no harder to hack than inverters or SCADA systems. Hackers can try to hack commercial satellites for 10 minutes per hour when they pass overhead. Although the wait might discourage some people, it won’t stop them.

Without photovoltaic technology, satellites can’t recharge their batteries and essentially become useless. When cyberattacks interrupt their power supply, they go dark — potentially causing an information blackout.

What Happens When Solar Cyberattacks Are Successful?

If hackers successfully attack solar equipment, they can take control of inverters — even without authorization — to reduce power output by altering the AC current or voltage. At best, their meddling will cause the lights to flicker or chargers to be slow. At worst, they cause blackouts.

Although solar infrastructure is dispersed — meaning one cyberattack won’t down multiple systems — well-placed attacks can cause widespread service interruptions. While one lone hacker might not be cause for concern, organized threat actors or terror groups could easily work together to interrupt the power supply to large areas.

Hackers can also overload batteries, making solar arrays fail and causing permanent physical damage. If hackers adjust the AC voltage or current too drastically, they could even cause electrical fires and damage the grid. Utility-scale power plants often have storage systems to hold surplus solar-generated electricity, so they’re likely targets.

Tips to Increase Solar Cybersecurity Resiliency

Robust solar cybersecurity relies on threat identification, real-time detection, timely incident response, and rapid recovery.

1. The Principle of Least Privilege

The principle of least privilege restricts every person’s access to data and systems, limiting them to the bare essentials they need to complete their responsibilities. With this approach, power plant operators can prevent unauthorized access attempts more consistently.

2. Network Segmentation

Network segmentation is critical for solar equipment relying on the IoT since it confines devices into segments based on their risk level. Even if an attacker’s infiltration attempt is successful, they’ll be confined to one place, and their lateral movement will be restricted.
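
As an added illustration (not part of the original article), the sketch below audits observed network flows against a default-deny segment policy for a solar site. The device names, segment names, policy and flow records are all constructed assumptions; port 502 is the standard Modbus/TCP port.

```python
# Constructed inventory: device -> segment, grouped by risk level (hypothetical names).
SEGMENT_OF = {
    "inverter-01": "field-iot",
    "inverter-02": "field-iot",
    "scada-hmi": "control",
    "historian": "control",
    "billing-pc": "corporate",
}

# Default deny: only these (source segment, destination segment, port) tuples are allowed.
ALLOWED = {
    ("control", "field-iot", 502),  # SCADA polls inverters over Modbus/TCP
    ("control", "control", 443),    # HMI talks to the historian
    ("corporate", "control", 443),  # dashboard access to the historian
}

# Constructed flow records: (source device, destination device, destination port).
FLOWS = [
    ("scada-hmi", "inverter-01", 502),
    ("billing-pc", "historian", 443),
    ("billing-pc", "inverter-01", 502),   # corporate reaching field devices directly
    ("inverter-01", "inverter-02", 502),  # inverter-to-inverter traffic (lateral movement)
    ("laptop-x", "scada-hmi", 443),       # device missing from the inventory
]

def audit(flows):
    """Return (src, dst, port, reason) for every flow the policy does not allow."""
    violations = []
    for src, dst, port in flows:
        s, d = SEGMENT_OF.get(src), SEGMENT_OF.get(dst)
        if s is None or d is None:
            violations.append((src, dst, port, "unknown device"))
        elif (s, d, port) not in ALLOWED:
            violations.append((src, dst, port, f"{s} -> {d} on port {port} not allowed"))
    return violations

if __name__ == "__main__":
    for v in audit(FLOWS):
        print(v)
```

Because same-segment traffic is not implicitly trusted, the inverter-to-inverter flow is reported alongside the cross-segment one.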

3. Intelligent Automation Technology

Intelligent automation technology can enhance incident response. Since it can forecast likely sources of failure, it enables plant operators to proactively adjust accordingly before issues arise. For example, they can send in technicians or reroute power flow.

4. Security Information and Event Management

A security information and event management (SIEM) system protects networks from malware. It monitors activity by aggregating data from multiple sources, enabling real-time log analysis and a timely incident response.
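
As an added illustration (not part of the original article), the sketch below shows the kind of cross-source correlation a SIEM performs: it merges a gateway authentication log with an inverter setpoint log and flags setpoint changes that have no recent successful login from the same source address. The log formats, host names, addresses and the 15-minute window are constructed assumptions.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=15)  # assumed maximum age of a login that still covers a change

# Constructed sample logs from two sources.
AUTH_LOG = """\
2024-03-16T10:00:05Z scada-gw login ok user=operator1 src=10.0.2.15
2024-03-16T10:20:00Z scada-gw login fail user=admin src=10.0.9.77
"""
INVERTER_LOG = """\
2024-03-16T10:01:10Z inverter-01 setpoint volt_pct=100 src=10.0.2.15
2024-03-16T10:21:30Z inverter-02 setpoint volt_pct=60 src=10.0.9.77
2024-03-16T11:30:00Z inverter-01 setpoint volt_pct=98 src=10.0.2.15
"""

def parse(line):
    """Split '<timestamp> <host> <message with key=value fields>' into a dict."""
    ts, host, rest = line.split(" ", 2)
    fields = dict(kv.split("=", 1) for kv in rest.split() if "=" in kv)
    return {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            "host": host, "text": rest, **fields}

def unauthorized_setpoints(auth_log, inverter_log):
    """Return (inverter, source, volt_pct) for setpoint changes without a recent login."""
    lines = (auth_log + inverter_log).splitlines()
    events = sorted((parse(l) for l in lines if l.strip()), key=lambda e: e["ts"])
    last_login = {}  # source address -> time of last successful login
    alerts = []
    for e in events:
        if e["text"].startswith("login ok"):
            last_login[e["src"]] = e["ts"]
        elif e["text"].startswith("setpoint"):
            seen = last_login.get(e["src"])
            if seen is None or e["ts"] - seen > WINDOW:
                alerts.append((e["host"], e["src"], int(e["volt_pct"])))
    return alerts

if __name__ == "__main__":
    for alert in unauthorized_setpoints(AUTH_LOG, INVERTER_LOG):
        print("ALERT setpoint change without recent login:", alert)
```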

Solar Cybersecurity Becomes More Critical Every Day

All kinds of people, from homeowners to military personnel, would be affected by a successful solar cyberattack. As this technology becomes more widespread, the potential adverse impact becomes more pronounced. Early intervention and timely action are crucial.