Blackbird<p>Zwecks Auffindbarkeit ein paar Hastags dazu:<br>Untersuchte Hersteller: <a href="https://freiburg.social/tags/Huawei" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Huawei</span></a> <a href="https://freiburg.social/tags/Sungrow" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sungrow</span></a> <a href="https://freiburg.social/tags/GinlongSolis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GinlongSolis</span></a> <a href="https://freiburg.social/tags/Goodwatt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Goodwatt</span></a> <a href="https://freiburg.social/tags/GoodWe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoodWe</span></a> <a href="https://freiburg.social/tags/SMA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SMA</span></a><br>Allgemein: <a href="https://freiburg.social/tags/PV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PV</span></a> <a href="https://freiburg.social/tags/WR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WR</span></a> <a href="https://freiburg.social/tags/Wechselrichter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Wechselrichter</span></a> <a href="https://freiburg.social/tags/Solar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Solar</span></a> <a href="https://freiburg.social/tags/Inverter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Inverter</span></a> <a href="https://freiburg.social/tags/SunDown" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SunDown</span></a> <a href="https://freiburg.social/tags/Forescout" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Forescout</span></a> <a href="https://freiburg.social/tags/China" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>China</span></a> <a href="https://freiburg.social/tags/Hacker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hacker</span></a> <a href="https://freiburg.social/tags/SmartHome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SmartHome</span></a> <a href="https://freiburg.social/tags/IoT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IoT</span></a><br><a href="https://www.forescout.com/research-labs/sun-down-a-dark-side-to-solar-energy-grids/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">forescout.com/research-labs/su</span><span class="invisible">n-down-a-dark-side-to-solar-energy-grids/</span></a><br><span class="h-card" translate="no"><a href="https://social.bund.de/@bsi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>bsi</span></a></span></p><p>Recommendations<br>Manufacturers<br>Development • Devices: holistic security architecture including secure boot, binary hardening, anti-exploitation features, permission separation etc<br>• Applications: proper authorization checks on web applications, mobile applications and cloud backends<br>Testing • Regular penetration testing on applications and devices • Consider bug bounty programs<br>Monitoring Web Application Firewalls Remember that a WAF does not protect against logical flaws</p><p>Users <br>Residential and commercial users • Change default passwords and credentials • Use role-based access control • Configure the recording of events in a log • Update software regularly • Backup system information • Disable unused features • Protect communication connections<br>Commercial and utility installations (in addition) •<br>Include security requirements into procurement considerations<br>• Conduct a risk assessment when setting up devices • Ensure network visibility into solar power systems • Segment these devices into their own sub-networks • Monitor those network segments</p>