Thousands of solar and wind turbines with security gaps

16. February 2023
| No comments
B2B Cyber ​​Security ShortNews

Share post

Under the title "Easy game for hackers", the daily news, based on research by the Plusminus magazine, published that solar and wind power plants sometimes have massive security gaps. Above all, medium-sized and small systems are said to be poorly protected against hackers, which is also documented live in the article.

In the contribution of the ARD magazine Plusminus, an expert from the field of renewable energies shows how poorly small and medium-sized solar and wind power plants are protected against hack attacks. For the contribution, the system expert searched partly live for vulnerable systems and quickly found what he was looking for.

In minutes: access to wind farm for 50.000 residents

He showed how quickly he could find the controls for a huge solar park. Since access was still to be served with the delivery password, he could log in directly. The plant manages an electricity capacity for households with around 50.000 inhabitants. If it hadn't been the specialist, but a hacker, then one click would have been enough to paralyze the system. Before the program was broadcast, the operator of the wind farm was of course informed and has now closed the security gap.

It is far too easy to find unencrypted IP addresses of control portals with the help of classic search engines, tools and portals. The location, the output and a lot of other useful information about wind and solar parks can be found out within a few minutes. According to the expert, hundreds of these open login pages for control portals of wind and solar parks can be found openly on the Internet.

Around 2.500 accessible systems in the network

Stephan Gerling from the IT security company ICS CERT Kaspersky estimates that around 2.500 such unencrypted solar and wind systems can be found across Europe. Taken together, that would equate to a capacity of around 2,8 gigawatts, or the output of two nuclear power plants, he estimates. The article impressively shows how weak many companies and operators of wind and solar parks are in terms of Industrial Cyber ​​Security - ICS. Rating worth seeing.

Editor/sel

More at Tagesschau.de

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Windows operating systems: Almost two million computers at risk

There are no longer any updates for the Windows 7 and 8 operating systems. This means open security gaps and therefore worthwhile and ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

Short news
, , , , ,