Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Discover critical security vulnerabilities in residential solar energy systems through this 33-minute DEF CON 33 conference talk that exposes how solar microgrids can be compromised through supply chain weaknesses. Learn about real-world attack vectors including unauthenticated cloud APIs, unsigned firmware updates, hardcoded root credentials, and vendor-enabled kill switches that plague today's solar infrastructure. Explore practical demonstrations of account takeover techniques using brute-forced PINs, remote access to power dashboards with zero authentication requirements, firmware tampering methods for establishing persistent implants, and replay attacks targeting plaintext MODBUS communications. Understand how security flaws propagate across rebadged OEM devices and shared cloud infrastructure, transforming individual vulnerabilities into industry-wide risks that affect the entire solar supply chain. Examine the gap between the promise of energy independence and the reality of insecure firmware, exposed APIs, and devices that communicate with unknown servers, fundamentally challenging assumptions about off-grid security and revealing why solar energy systems require a complete threat model reassessment.
