Wind and solar turbines advised to tackle security risk

Poor security around wind turbine and solar power systems needs to be addressed by those in the field, according to findings by a German security researcher.

Maxim Rupp has discovered numerous security flaws with both power technologies which, if maliciously exploited by an attacker, could result in disrupting energy supplies.
Wind and solar
Rupp recently reported numerous flaws in the web controls for the a number of systems, with the ICS-CERT subsequently issuing public warnings on all three of these.

They include the XZERES 442SR Wind Turbine, the Sinapsi eSolar Light and the RLE Nova-Wind Turbine.

SC Magazine reports that one of these flaws, a cross-site scripting (XSS) request forgery vulnerability affecting the XZERES turbine, could potentially be used by an attacker to change the administrator password for the web management interface, and then gain complete control of the wind turbine.

The ICS-CERT has ranked this security issue as 10 of 10 on the standard Common Vulnerability Scoring System (CVSS), the organisation considers the flaw dangerous due to the ease of remote exploitation.

Another flaw could allow hackers viewing saved, plaintext passwords going through a linked mail system. However this flaw, which resides in the Sinapsi monitoring and management system of small size solar photovoltaic plants, cannot be remotely exploited.

The vendors for the first two security issues have already provided a fix for their products and the US government is urging users to patch their systems as soon as possible.

Did You Like this Article? Get All the Energy Industry News Delivered to Your Inbox

Subscribe to an email newsletter today at no cost and receive the latest news and information.

 Subscribe Now


Logistics Risk Management in the Transformer Industry

Transformers often are shipped thousands of miles, involving multiple handoffs,and more than a do...

Secrets of Barco UniSee Mount Revealed

Last year Barco introduced UniSee, a revolutionary large-scale visualization platform designed to...

The Time is Right for Optimum Reliability: Capital-Intensive Industries and Asset Performance Management

Imagine a plant that is no longer at risk of a random shutdown. Imagine not worrying about losing...

Going Digital: The New Normal in Oil & Gas

In this whitepaper you will learn how Keystone Engineering, ONGC, and Saipem are using software t...