Archived

US energy officials have found unexplained communication equipment inside some Chinese-made inverter devices.

[…]

Reuters reported the presence of undocumented and “rogue” communication devices in a number of Chinese-made solar inverters. These could potentially introduce unregulated and undocumented remote communication channels to the inverters, by which an actor could remotely bypass the cybersecurity firewalls that utility companies use to prevent direct communication back to China.

[…]

    • Riddick3001@lemmy.world · 13 up, 1 down · edited · 7 hours ago

      Not naming the manufacturers is very disappointing

      It is. So I looked it up:

      According to the info I found, Huawei battery systems, and concerning solar panel electricity inverters they mentioned Sungrow, Growatt, and SMA. Growatt has arranged a patch, they claim.

      Many of these Chinese systems have little to no (security) updates.

      • federal reverse@feddit.org (M) · 1 up · 5 hours ago

        What makes you believe that those software issues from a month ago are in any way related to the undocumented communication hardware found now?

  • RedSnt 👓♂️🖥️ · 32 up, 1 down · 12 hours ago

    It’s not as fun and exciting James Bond shit when a supply-chain attack happens too close to home, huh? At least it didn’t explode in anyone’s faces.

  • jagermo@feddit.org · 51 up · 16 hours ago

    Ok, what are European vendors for inverters? I really want solar, but I would prefer local vendors.

    • federal reverse@feddit.org (M) · 9 up · 12 hours ago

      Fronius, SMA, Victron.

      The unfortunate bit is that apparently e.g. Huawei inverters are extremely reliable, whereas e.g. cheaper SMA models are not.

        • federal reverse@feddit.org (M) · 1 up · edited · 5 hours ago

          In case you’re referring to the comment by HowRu68 above, I don’t think that those software vulns are related to this issue at all.

      • paraphrand@lemmy.world · 4 up · 11 hours ago

        I wonder if an incentive to be well built and reliable ends up being the fact they are strategic assets that can be “called into service” for decades.

        This is some conspiracy brain thinking, but… they did find secret communication devices…

    • cogitase@lemmy.dbzer0.com · 16 up · 15 hours ago

      Fronius is Austrian and there are a few others but none producing microinverters that I’m aware of. If you are doing an install with no shading issues during the day, regular inverters are preferable though since the costs are cheaper and there’s no DC-AC-DC loss if you include a battery backup.

    • Eheran@lemmy.world · 1 up · 12 hours ago

      There are some for the mid to large scale, which this would affect. Less so for small scale like <<100 kWp.

  • Hotznplotzn@lemmy.sdf.org (OP) · 42 up · 16 hours ago

    Spain reconsiders possibility of hackers causing blackouts

    The possibility of the blackouts being caused by a cyberattack was immediately considered, though the grid operators in Spain and Portugal both said at the time there was no evidence of hacking, a point that was echoed by authorities and politicians.

    Now, reports suggest Spanish authorities are investigating whether smaller power generators were a weak link that was exploited by cyber criminals to target the electricity grid, according to the Financial Times …

    [The original FT article is behind a paywall.]

    • Pennomi@lemmy.world · 55 up · edited · 16 hours ago

      China has been doing this in a lot of hardware. It’s a huge national security risk to not screen inbound hardware for problems, but doesn’t really happen because that would be a monumental task.

      Hell, look at what Israel did with those pagers. It’s crazy to think that other nations haven’t been putting malicious packages in their electronics as well.

        • Squizzy@lemmy.world · 2 up · 5 hours ago

          Like yeah it’s concerning no doubt, but imagining what they are doing without evidence while the main competition and market leader is a fascist cunt who disables functionality just before impact to shed blame and doctors mileage reports.

          They get away with it because we are not better, if the competition was better they would have to meet them where they are.

  • B-TR3E@feddit.org · 15 up, 34 down · 16 hours ago

    Hmmm. Unnamed “people” of some unnamed US spook organization find rogue devices in an undisclosed number of Chinese solar inverters and batteries of not named brands which alerts Europe. Smells fishy.

    • quoll@lemmy.sdf.org · 1 up · 49 minutes ago

      Hmmm. Unnamed “people” of some unnamed US spook organization find rogue devices in an undisclosed number of Chinese solar inverters and batteries of not named brands which alerts Europe. Smells fishy.

      100% after no evidence ever emerged about the supermicro motherboards with supposed spy chips on them… and everyone that actually bought them called bullshit, we should maintain a healthy degree of scepticism.

      extraordinary claims require extraordinary evidence… but really any evidence would be nice.

      fuck china, taiwan ftw :D

    • stickly@lemmy.world · 1 up · 2 hours ago

      Unnamed “people” of some unnamed US spook organization

      People employed by a state actor to screen hardware (or closely related to screening) probably aren’t supposed to leak stuff like this. Nobody wants a potential adversary knowing what you do/do not know.

      rogue devices in an undisclosed number of Chinese solar inverters and batteries of not named brands

      Again, there’s no benefit to telling, especially when this could tie back to a leaker. How could they disclose a number? They deconstruct a sample selection, not every single one that’s installed. What would the public even do with brand information? Throw away the commercial utility grade inverters tied into their nonexistent home grid?

      which alerts Europe

      Spain just had a very public massive grid failure. Even if they don’t trust the US diplomatically, they could very easily take this info and verify it on their own devices.

      Every smart car on the road has a backdoor killswitch and GPS tracking, “just in case” it needs to be used against a private individual. You think a state actor supplying 30-40% of the global market (allies and adversaries alike) wouldn’t do the same thing?