Cybersecurity

7259 readers

124 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

Denmark finds ‘suspicious’ components in key infrastructure imports, raising concerns about espionage and energy security (lemmy.sdf.org)

submitted 1 week ago by [email protected] to c/cybersecurity

5 comments fedilink hide all child comments

cross-posted from: https://lemmy.sdf.org/post/35125971

Archived

Danish firms have found “suspicious” components added to east Asian circuit boards that were supposed to be built into the country’s green energy infrastructure, according to an industry body.

It has raised concerns about the potential for remote disruption of the power supply or digital espionage, coming a week after the US claimed to have identified “kill switches” in a consignment of solar panels and batteries from China.

[...]

Green Power Denmark, an umbrella group for 1,500 Danish renewable technology companies, said the components from “the East” had been found during routine checks on a “development project” that had at no point been connected to the grid.

“It’s a clear warning: threats to energy security can hide in plain sight,” the organisation said. “The real danger isn’t always sabotage. It can also be unlisted components. Hidden functions. That’s why Danish energy companies dismantle and inspect before anything goes live.”

Jorgen Christensen, Green Power Denmark’s technical director, said there was no proof of foul play and it was possible that the mysterious electronics had been included to add some kind of innocent function to the circuit boards.

“It’s possible the supplier had no malicious intent,” he told Reuters. “We can’t say at this point. But that doesn’t change the fact that these components shouldn’t be there.”

Walburga Hemetsberger, head of the lobby group SolarPower Europe, said the discovery was highly concerning and called for an investigation.

[...]

In recent years experts have issued increasingly strident warnings about the security risk posed by China’s stranglehold over the supply of many categories of renewable energy components in Europe, such as batteries, turbines and the inverters used to smooth the voltage of power as it is fed into the grid.

The large-scale blackout that occurred a fortnight ago across much of Spain and Portugal, both of which depend heavily on Chinese-made solar energy infrastructure, has further concentrated minds on the issue.

[...]

top 5 comments

sorted by: hot top controversial new old

[–] [email protected] 5 points 1 week ago (2 children)

I wonder if the US backdoors are just better hidden or if there really arent any...
For all networking equipment for example the US based vendors were required (maybe still are?) to put in backdoors.

[–] [email protected] 6 points 1 week ago

the smart money is on "just better hidden"

[–] ryedaft 2 points 1 week ago* (last edited 1 week ago)

They stopped with Rubicon in 2018 but they probably have a couple of backups besides PRISM.

Operation Rubicon - Wikipedia - https://en.m.wikipedia.org/wiki/Operation_Rubicon

[–] Disaster -4 points 1 week ago (1 children)

Weird that now the EU has a pressing need to re-industrialize all of a sudden these stories are popping up. Without much evidence to support them.

Show me the teardown of the hardware, please. Until a story is posted with specifics, this is hearsay.

It's also worth noting that proper sourcing, production standards and chain of custody processes for critical infrastructure are the reason for the oft-ridiculed 50-dollar-screw in the US military.

[–] Rekorse 0 points 1 week ago

What, you don't like good ole american propaganda!?