SITUATION
A renewable energy company engaged FTI Cybersecurity to complete a red flag assessment at a selected solar farm. The goal of this assessment was to identify the most significant cybersecurity challenges impacting the site, provide threat-based intelligence, and make practical recommendations to elevate the cybersecurity maturity of the solar farm.
OUR ROLE
FTI Cybersecurity conducted a light-touch cybersecurity assessment and penetration test to identify potential vulnerabilities within the organization’s operational technology infrastructure. The FTI Cybersecurity team traveled to the site to conduct the assessment, and primarily targeted the integrity of device firmware and network communications via cellular and data security. The assessment included testing for the deployment of custom firmware, simulating rogue base station attacks for data interception, and evaluating the storage security of critical credentials and encryption keys.
OUR IMPACT
The penetration test revealed the absence of security checks within the organization’s network, which could allow the installation of custom firmware by threat actors. The critical issues and weaknesses identified by FTI Cybersecurity affected the infrastructure implemented across the portfolio of solar parks in the region. The FTI Cybersecurity team provided a set of actionable recommendations to implement to elevate the security maturity of every site managed by the business across the Asia-Pacific region.