Hackers Exploit Outdated Electricity Controller Using Flipper Zero to Disconnect Power Supply
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Researchers Fabian Bräunlein and Luca Melette demonstrated how outdated Radio Ripple Control systems, used to manage up to 60 gigawatts (GW) of electricity, could be exploited by attackers to disrupt power supply on a massive scale.
Their findings, presented at the Chaos Computer Club (CCC) conference, have raised alarms about the fragility of Europe’s energy infrastructure.
Understanding Radio Ripple Control
Radio Ripple Control is a century-old technology designed to send unencrypted, frequency-modulated signals to control various grid components. It operates using frequency-shift keying (FSK) and lacks encryption or authentication mechanisms, making it highly susceptible to interception and manipulation.
This system is widely used across Germany and neighboring countries like Austria, Hungary, and Slovakia to manage renewable energy inputs, load balancing, and even streetlights.
The protocol relies on receivers embedded in grid-connected devices such as photovoltaic systems, heat pumps, and electric vehicle chargers.
Commands are broadcast from centralized transmitters operated by entities like Europäische Funk-Rundsteuerung (EFR) GmbH. These commands regulate energy flow by switching systems on or off based on grid demand.
Exploiting the Vulnerabilities
The researchers demonstrated that attackers could intercept legitimate radio commands using a basic software-defined radio (SDR) and reverse-engineer the protocol.
Tools and Techniques: What an Attacker Needs
To execute an attack, hackers could either replay intercepted signals or inject new ones into the system.
They could also build high-powered rogue transmitters using antennas or drones to override legitimate broadcasts. Alternatively, physical breaches of transmitter facilities or hacking into EFR’s IT infrastructure could provide direct access.
The researchers highlighted three critical vulnerabilities that make such attacks feasible:
A well-timed attack could destabilize the grid by creating imbalances between supply and demand. For example:
Less than 60GW is needed to cause a serious grid-based problem
If the grid frequency falls below 47.5 Hz, power plants disconnect to prevent damage, necessitating a complete grid rebuild. Such a scenario could leave over 200 million people without electricity.
Addressing these vulnerabilities is complex due to the widespread use of Radio Ripple Control across Europe. Transitioning to modern systems with encrypted communication protocols like iMSys would require significant investment and time.
Meanwhile, short-term measures such as securing transmitter sites and implementing rolling codes or time-based authentication for signals could reduce risks.
This research underscores the urgent need for robust cybersecurity measures in critical infrastructure. While state-sponsored actors are more likely to exploit these vulnerabilities than amateur hackers, the potential consequences—a continent-wide blackout—are too severe to ignore.
Governments and energy providers must swiftly modernize their systems and safeguard Europe’s power grid from this serious threat.
#Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news
Оригинальная версия на сайте:
Hackers Exploit Outdated Electricity Controller Using Flipper Zero to Disconnect Power Supply
Author: Guru BaranResearchers Fabian Bräunlein and Luca Melette demonstrated how outdated Radio Ripple Control systems, used to manage up to 60 gigawatts (GW) of electricity, could be exploited by attackers to disrupt power supply on a massive scale.
Their findings, presented at the Chaos Computer Club (CCC) conference, have raised alarms about the fragility of Europe’s energy infrastructure.
Understanding Radio Ripple Control
Radio Ripple Control is a century-old technology designed to send unencrypted, frequency-modulated signals to control various grid components. It operates using frequency-shift keying (FSK) and lacks encryption or authentication mechanisms, making it highly susceptible to interception and manipulation.
This system is widely used across Germany and neighboring countries like Austria, Hungary, and Slovakia to manage renewable energy inputs, load balancing, and even streetlights.
The protocol relies on receivers embedded in grid-connected devices such as photovoltaic systems, heat pumps, and electric vehicle chargers.
Commands are broadcast from centralized transmitters operated by entities like Europäische Funk-Rundsteuerung (EFR) GmbH. These commands regulate energy flow by switching systems on or off based on grid demand.
Exploiting the Vulnerabilities
The researchers demonstrated that attackers could intercept legitimate radio commands using a basic software-defined radio (SDR) and reverse-engineer the protocol.
- A software-defined radio (e.g., HackRF One)
- An ESP32 microcontroller with a waveform generator
- Open-source tools like Universal Radio Hacker for signal analysis
Tools and Techniques: What an Attacker NeedsTo execute an attack, hackers could either replay intercepted signals or inject new ones into the system.
They could also build high-powered rogue transmitters using antennas or drones to override legitimate broadcasts. Alternatively, physical breaches of transmitter facilities or hacking into EFR’s IT infrastructure could provide direct access.
The researchers highlighted three critical vulnerabilities that make such attacks feasible:
- Unencrypted Signals: Commands sent via radio are neither encrypted nor authenticated, allowing easy interception and replay.
- Wide Control Scope: The system manages 40 GW of renewable energy input and 20 GW of load balancing in Germany alone.
- Systemic Weaknesses: Poor physical security at transmitter sites and outdated software exacerbate the risk.
A well-timed attack could destabilize the grid by creating imbalances between supply and demand. For example:
- Overloading renewable energy inputs during high production periods (e.g., sunny or windy days) could push grid frequency above 50.2 Hz, triggering automatic shutdowns of solar parks.
- Conversely, cutting power during peak demand could drop frequency below 49 Hz, leading to automated load shedding and widespread outages.
Less than 60GW is needed to cause a serious grid-based problemIf the grid frequency falls below 47.5 Hz, power plants disconnect to prevent damage, necessitating a complete grid rebuild. Such a scenario could leave over 200 million people without electricity.
Addressing these vulnerabilities is complex due to the widespread use of Radio Ripple Control across Europe. Transitioning to modern systems with encrypted communication protocols like iMSys would require significant investment and time.
Meanwhile, short-term measures such as securing transmitter sites and implementing rolling codes or time-based authentication for signals could reduce risks.
This research underscores the urgent need for robust cybersecurity measures in critical infrastructure. While state-sponsored actors are more likely to exploit these vulnerabilities than amateur hackers, the potential consequences—a continent-wide blackout—are too severe to ignore.
Governments and energy providers must swiftly modernize their systems and safeguard Europe’s power grid from this serious threat.
#Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news
Оригинальная версия на сайте:
