‘Rogue’ devices found in Chinese solar inverters raises cybersecurity alarm in Europe

Facebook
Twitter
LinkedIn
Reddit
Email
Undocumented and ‘rogue’ communication devices have been found in a number of Chinese-made solar inverters. Image: Baywa r.e.

US energy officials have found unexplained communication equipment inside some Chinese-made inverter devices, according to a report from the Reuters news agency.

This morning, Reuters reported the presence of undocumented and “rogue” communication devices in a number of Chinese-made solar inverters. These could potentially introduce unregulated and undocumented remote communication channels to the inverters, by which an actor could remotely bypass the cybersecurity firewalls that utility companies use to prevent direct communication back to China.

This article requires Premium SubscriptionBasic (FREE) Subscription

Try Premium for just $1

  • Full premium access for the first month at only $1
  • Converts to an annual rate after 30 days unless cancelled
  • Cancel anytime during the trial period

Premium Benefits

  • Expert industry analysis and interviews
  • Digital access to PV Tech Power journal
  • Exclusive event discounts

Or get the full Premium subscription right away

Or continue reading this article for free

Similar devices were also found in Chinese-made batteries.

Inverters are highly digitalised products, often referred to as the “heart” or “brain” of a PV system. In theory, hackers could remotely disrupt or switch off solar power supply if they could control the inverter, resulting in power losses, blackouts or damage to energy infrastructure.

The concerned parties that spoke to Reuters did not disclose the manufacturers or the number of products where they found the rogue devices. Energy analyst Wood Mackenzie said that Chinese firms Huawei and Sungrow dominated over 50% of the global inverter market share in 2023.

In response to PV Tech for this article, CEO of US trade body Solar Energy Industries Association (SEIA), Abigail Ross Hopper, said “This is a serious issue that the industry needs to address, and it’s even more reason for Congress to maintain tax credits that are onshoring the production of inverters and the entire solar supply chain in the United States.

“Continuing the buildout of domestic solar manufacturing is essential to give us more control over the security and integrity of our energy systems.”

European concerns

Though discovered in the US, the presence of unregistered equipment has raised alarm in Europe.

The European Solar Manufacturing Council (ESMC), the body which represents the interests of some Europe-based PV companies, said that: “With over 200GW of Europe’s solar capacity relying on these inverters—equivalent to more than 200 nuclear power plants—the security risk is systemic.”

In a LinkedIn post, it called on the European Commission (EC) to examine the “risk potential for sabotage and espionage” of manufacturers of components that can “significantly influence the behaviour” of the European grid. It also called for “rigorous audit and validation tools” and a fully transparent software bill of materials (BOM).

The ESMC and fellow trade body SolarPower Europe have been ramping up calls for greater cybersecurity protection for European inverters. Earlier this month, the ESMC called for a restriction for remote access to inverters from “high risk” Chinese manufacturers.

This followed a report from SolarPower Europe and consultancy DNV highlighting the security risks posed by digital inverters. The report said that the risks were “above acceptable limits”, as an attack on just 3GW of inverter capacity—far lower than the production capacity of the leading suppliers—could have “significant implications” for the power system.

In the report from DNV and SolarPower Europe published last month, the authors said there is “growing concern for potential damage” from cyber attacks in the solar industry as it grows. It also cited hacker groups which had been associated with the Chinese and Russian governments, identified by the US Cybersecurity and Infrastructure Security Agency (CISA) “with a focus on attacking critical infrastructure in the US and Europe.”

Opinions from Intersolar Europe

Last week, PV Tech spoke to a leading European inverter manufacturer at the Intersolar Europe trade show in Munich, who said that the risk of cyberattacks to cut power supply from solar inverters was “real”, and that “it’s very clear inverter companies could switch off the grid if they want to.”

Our interviewee likened the prospect to Russia restricting gas supply to Europe after its invasion of Ukraine. “Probably 99% of people would have said ‘No, there’s no risk [of that happening].’ But it did. We saw it. And I see the same risk here.”

PV Tech Premium also spoke to companies present at the event, including SolarEdge and Solargis, about growing cybersecurity concerns in the European solar sector.

What could have been thought of as a hypothetical “risk” is perhaps now closer to reality with today’s report from the US.

21 October 2025
New York, USA
Returning for its 12th edition, Solar and Storage Finance USA Summit remains the annual event where decision-makers at the forefront of solar and storage projects across the United States and capital converge. Featuring the most active solar and storage transactors, join us for a packed two-days of deal-making, learning and networking.
2 December 2025
Málaga, Spain
Understanding PV module supply to the European market in 2026. PV ModuleTech Europe 2025 is a two-day conference that tackles these challenges directly, with an agenda that addresses all aspects of module supplier selection; product availability, technology offerings, traceability of supply-chain, factory auditing, module testing and reliability, and company bankability.
10 March 2026
Frankfurt, Germany
The conference will gather the key stakeholders from PV manufacturing, equipment/materials, policy-making and strategy, capital equipment investment and all interested downstream channels and third-party entities. The goal is simple: to map out PV manufacturing out to 2030 and beyond.
16 June 2026
Napa, USA
PV Tech has been running PV ModuleTech Conferences since 2017. PV ModuleTech USA, on 16-17 June 2026, will be our fifth PV ModulelTech conference dedicated to the U.S. utility scale solar sector. The event will gather the key stakeholders from solar developers, solar asset owners and investors, PV manufacturing, policy-making and and all interested downstream channels and third-party entities. The goal is simple: to map out the PV module supply channels to the U.S. out to 2027 and beyond.

Read Next

October 8, 2025
Australia's NEM achieved a new minimum operational demand record of 9,666MW, marking a 4% decrease from the previous record.
October 8, 2025
Frontier Energy plans to expand its Waroona Renewable Energy Project into a renewable energy precinct by 2031, targeting up to 1GW solar.
October 7, 2025
Econergy will acquire 100% stake in the 155MW Ratesti solar project in Romania, further expanding its European renewable energy portfolio.
October 7, 2025
Juniper Green Energy through its subsidiary Juniper Green Sigma Eight has signed a 70MW power purchase agreement with renewable energy giant Tata Power. 
October 7, 2025
Solar PV will account for almost 80% of the 4.6TW of new renewable power expected to be added by 2030, according to the International Energy Agency (IEA).
October 7, 2025
OpenSolar has secured US$13.1 million in equity financing from technology investors, including Titanium Ventures, Google and others.

Subscribe to Newsletter

Upcoming Events

Solar Media Events
October 21, 2025
New York, USA
Solar Media Events
November 25, 2025
Warsaw, Poland
Solar Media Events
December 2, 2025
Málaga, Spain
Solar Media Events
February 3, 2026
London, UK