Security researchers have found a significant flaw in the Tesla Backup Gateway, the system that manages the grid connection for Powerwalls, the manufacturer's home energy storage batteries.
In 2015, Tesla launched the Powerwall, a household energy storage battery, in several countries. Paired with solar panels, these rechargeable batteries store the energy the panels produce. One of the key features of the Powerwall is that it can deliver excess energy to the home's electrical network when production exceeds the home's consumption.
Powerwall owners also have access to the Tesla Backup Gateway, a dedicated platform developed to manage the solar energy produced and stored by a Powerwall installation. The gateway connects directly to the grid, monitors it, and alerts owners in the event of an outage. Users can also control their energy reserves through a mobile application.
A brute force attack is enough to gain access to the system
It turns out, however, that the Tesla Backup Gateway harbours a security weakness, according to researchers at Rapid7. To access the platform for the first time, users connect to the Tesla Backup Gateway's Wi-Fi network and enter their email address and a password, which is simply the last five characters of the device's serial number.
According to the Rapid7 researchers, the risk with this method is that attackers can exploit these weak credentials. A five-character password drawn from uppercase letters and digits gives about 60.4 million possible combinations (36^5 = 60,466,176). But, the researchers say, there is no protection against brute-force attacks, in which every possible combination is tried one by one until the password is found.
Another problem is that the SSID of the Tesla Backup Gateway's Wi-Fi access point contains the last three characters of the serial number. An attacker who sees that SSID therefore has only two of the five password characters left to guess, which shrinks the search to 36^2 = 1,296 candidates. Rapid7 also notes that many municipalities in the United States publish permits for Tesla Solar or Powerwall installations online, which makes it easy for attackers to find the addresses of potential targets.
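The arithmetic above, and what the missing protection would look like, as an added example (this is not Rapid7's or Tesla's code, and the serial number, the 36-character alphabet, and the 5-attempts-per-5-minutes lockout policy are assumptions chosen for illustration):

```python
import hmac
import secrets
import string
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, Tuple

# Assumption (not stated on the page): serial characters are uppercase letters
# and digits. 36 ** 5 == 60,466,176, which matches the "60.4 million" figure.
SERIAL_ALPHABET = string.ascii_uppercase + string.digits
INSTALL_PASSWORD_ALPHABET = string.ascii_letters + string.digits


def serial_derived_password(serial: str) -> str:
    """The weak scheme Rapid7 described: password = last five characters of the serial."""
    return serial[-5:]


def remaining_keyspace(password_len: int = 5, leaked_chars: int = 0,
                       alphabet_size: int = len(SERIAL_ALPHABET)) -> int:
    """Candidates an attacker still has to try once `leaked_chars` characters of
    the password are known from elsewhere (the SSID leaks three of the five)."""
    if not 0 <= leaked_chars <= password_len:
        raise ValueError("leaked_chars must be between 0 and password_len")
    return alphabet_size ** (password_len - leaked_chars)


def worst_case_seconds(candidates: int, max_attempts: int, lockout_seconds: int) -> int:
    """Upper bound on the time one client needs to exhaust `candidates` guesses
    when every `max_attempts` failures trigger a `lockout_seconds` pause
    (the policy implemented by GatewayLogin below)."""
    lockouts_before_last_guess = (candidates - 1) // max_attempts
    return lockouts_before_last_guess * lockout_seconds


def random_install_password(length: int = 16) -> str:
    """Hardened alternative: a per-device password from a CSPRNG, unrelated to
    any identifier that is printed on the unit or broadcast in the SSID."""
    return "".join(secrets.choice(INSTALL_PASSWORD_ALPHABET) for _ in range(length))


@dataclass
class GatewayLogin:
    """Minimal first-time login check with a lockout after repeated failures.
    `clock` is injectable so the lockout can be exercised without sleeping."""
    password: str
    max_attempts: int = 5
    lockout_seconds: int = 300
    clock: Callable[[], float] = time.monotonic
    # client -> (consecutive failures, lockout expiry as a clock() value)
    _state: Dict[str, Tuple[int, float]] = field(default_factory=dict)

    def attempt(self, client: str, guess: str) -> str:
        """Return 'ok', 'denied' or 'locked' for one login attempt by `client`."""
        failures, locked_until = self._state.get(client, (0, 0.0))
        now = self.clock()
        if now < locked_until:
            return "locked"  # the guess is not evaluated at all while locked
        if hmac.compare_digest(guess.encode(), self.password.encode()):
            self._state.pop(client, None)  # success clears the failure history
            return "ok"
        failures += 1
        if failures >= self.max_attempts:
            self._state[client] = (0, now + self.lockout_seconds)  # open a lockout window
        else:
            self._state[client] = (failures, locked_until)
        return "denied"


if __name__ == "__main__":
    # Constructed serial for illustration only; not a real Tesla identifier.
    serial = "DEMO-SERIAL-XYZ89"
    weak = serial_derived_password(serial)
    print(f"serial-derived password: {weak} (SSID would reveal '{weak[-3:]}')")
    print(f"full keyspace: {remaining_keyspace():,} candidates")
    print(f"after SSID leak: {remaining_keyspace(leaked_chars=3):,} candidates")
    hours = worst_case_seconds(1296, 5, 300) / 3600
    print(f"worst case with 5 tries per 5-minute lockout: {hours:.1f} h")
    print(f"random install password: {random_install_password()}")
```

Two things are worth noting. First, the lockout alone only slows the attack: with 1,296 candidates and five tries per five-minute lockout, a single client can still exhaust the space in under a day, so the real fix is the random per-device password, which takes the keyspace to 62^16. Second, `attempt` returns `locked` without evaluating the guess, so a correct password submitted during the window is not accepted either; that is intentional, because otherwise the lockout would leak nothing but still let the guessing continue.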
In addition, the Tesla Backup Gateway platform exposes APIs that report energy consumption and certain information about the home, as well as undocumented APIs that can be used to retrieve additional data and reach specific functions. "In theory, the voltage, cycle and other parameters of the energy managed by the platform, as well as the batteries connected to it, are configurable. It may be possible to damage a battery, or even the electrical network, if these parameters can be altered," the Rapid7 researchers say.
Before publishing their research, Rapid7 contacted Tesla. The manufacturer replied that "predictable installation passwords have been fixed for some time on newly released Backup Gateway V1 platforms […] and that all passwords are now generated randomly".