Safety devices like the one Cui’s team examined are key to the operation and stability of the modern electric grid. Known as protection relays, they cut the power when faults, or abnormal currents, threaten to damage equipment or harm people. Researchers at Red Balloon discovered vulnerabilities on a relay made by the French firm Schneider Electric SE, called the Easergy P5. The company on Tuesday published a software fix for the device, which is not yet for sale in the U.S. A Schneider Electric spokesman said the firm is “extremely vigilant of cyber threats and continually assesses and evolves our products and R&D practices to better protect our offers, and our customers’ operations against them.” “Upon learning of the vulnerabilities with the Schneider Electric Easergy P5 protection relay, we worked immediately to resolve them,” according to the spokesman. “We urge users of the product to follow the guidance we will provide in the Jan. 11 security notification — which includes a software patch that will address the immediate risk — as part of our disclosure process. Users should implement general cybersecurity best practices across their operation to protect their systems.”
Read more of this story at Slashdot.