Hidden backdoors in Chinese solar equipment

𝗪𝗵𝗮𝘁 𝗵𝗮𝗽𝗽𝗲𝗻𝘀 𝗶𝗳 𝘁𝗵𝗲 𝗽𝗮𝗻𝗲𝗹𝘀 𝗽𝗼𝘄𝗲𝗿𝗶𝗻𝗴 𝘆𝗼𝘂𝗿 𝗰𝗶𝘁𝘆 𝗮𝗿𝗲 𝗾𝘂𝗶𝗲𝘁𝗹𝘆 𝘀𝗽𝘆𝗶𝗻𝗴 𝗼𝗻 𝘆𝗼𝘂? A recent discovery in the US—spyware embedded in solar panels, most of them sourced from China—should be front page news everywhere. But the silence is deafening. 𝗔𝘂𝘀𝘁𝗿𝗮𝗹𝗶𝗮 𝗴𝗲𝘁𝘀 𝗼𝘃𝗲𝗿 𝟵𝟬% 𝗼𝗳 𝗶𝘁𝘀 𝘀𝗼𝗹𝗮𝗿 𝗽𝗮𝗻𝗲𝗹𝘀 𝗳𝗿𝗼𝗺 𝗖𝗵𝗶𝗻𝗮. 𝗘𝘂𝗿𝗼𝗽𝗲? 𝗡𝗼𝘁 𝗳𝗮𝗿 𝗯𝗲𝗵𝗶𝗻𝗱. 𝗧𝗵𝗲 𝗽𝗿𝗶𝗰𝗲 𝗶𝘀 𝗴𝗼𝗼𝗱, 𝘁𝗵𝗲 𝘁𝗲𝗰𝗵 𝗶𝘀 𝘀𝗹𝗶𝗰𝗸, 𝗮𝗻𝗱 𝗲𝘃𝗲𝗿𝘆𝗼𝗻𝗲 𝘄𝗮𝗻𝘁𝘀 𝘁𝗼 𝗴𝗼 𝗴𝗿𝗲𝗲𝗻, 𝗳𝗮𝘀𝘁. But what if you’re not just buying clean energy, but also an invisible backdoor? Security used to mean locking the server room. Now it means checking if your grid has been compromised before the lights even turn on. This isn’t fearmongering. It’s a reminder that “cheap and easy” can have invisible costs—especially when critical infrastructure is on the line. If you’re in renewables, procurement, or national security: Are you ready to bet your country’s grid on an untrusted supply chain? Or will you start asking the tougher questions before the breach hits home? The future is bright—but only if we remember to keep an eye on what’s powering it. https://lnkd.in/eqxPYRKR

It is paramount to observe that China supplies a significant portion of critical power grid equipment to the US, especially large power transformers and inverters. Over the past decade, China has exported more than 200 large power transformers to the US, which is about 10% of the total high-voltage transformers in the country. More recent data shows nearly 450 large transformers imported from China since 2006, with over 125 purchased since 2020. China is also a dominant supplier of solar inverters, with over 170 million units imported since 2002. Chinese-made equipment is used by a wide range of US utilities, from small municipal providers to major regional and national grid operators. Chinese communications equipment (e.g., from Huawei and ZTE) remains present in US utility infrastructure, despite efforts and funding to remove it The reliance on Chinese-made transformers, inverters, and communication systems introduces significant cybersecurity and supply chain risks. Large transformers are highly specialized, difficult to replace quickly, and critical to grid stability, making their compromise or failure a major threat. There is currently no comprehensive requirement to test or monitor existing Chinese equipment in the grid for vulnerabilities, and cybersecurity standards do not fully address hardware-level risks. Investigations have revealed that some Chinese-made transformers contain hidden hardware backdoors, enabling remote shutdown or manipulation by operators in China. This is not hypothetical; a 2019 inspection of a seized Chinese transformer confirmed the presence of such hardware. These transformers can be exploited through cyberattacks, either by directly targeting the hardware or by using compromised software within interconnected grid components. Attackers could disrupt grid operations or trigger cascading failures. The presence of hundreds of critical Chinese transformers in the grid is seen by experts as equivalent to installing “sleeper cells” in vital infrastructure, posing an existential risk to national security. Large transformers are difficult and time-consuming to replace. If compromised, restoring grid functionality could take weeks or longer, leaving millions without power. Chinese-made transformers could be used to monitor grid loads and operations, providing valuable intelligence for timing or maximizing the impact of a cyber or physical attack. A compromised transformer can affect not only its immediate area but also interconnected, non-Chinese transformers, potentially spreading disruptions across the grid. There is currently no mandatory testing or security standard specifically targeting foreign-made transformers already installed in the US grid, leaving vulnerabilities unaddressed. In summary, Chinese-made transformers introduce serious risks of remote sabotage, cyberattack, intelligence gathering, and prolonged outages, with insufficient regulatory oversight to fully mitigate these threats.

🇨🇳🇺🇸 Chinese “𝐤𝐢𝐥𝐥 𝐬𝐰𝐢𝐭𝐜𝐡𝐞𝐬” capable of crippling power grids have been found in equipment at US solar farms, - The Times The devices, including hidden cellular radios, were discovered in Chinese inverters used to connect solar panels and wind turbines to grids worldwide. ❗️ These hidden cellular radios could be activated remotely to cripple power grids in the event of a confrontation between China and the West Engineers in American solar farms have found "𝐤𝐢𝐥𝐥 switches" in Chinese-made components, which raised severe fears that Beijing might have the power to manipulate supplies or "physically destroy" grids across the US, #UK and #Europe as per a report. Unauthorized communication devices were discovered inside some solar power inverters, reported Reuters. The devices, not mentioned in product documentation, were found by US experts who strip equipment hooked to grids to check for security issues. 🔍 Currently, energy officials are trying to find the risks posed by the small communication devices in power inverters, which are an integral part of renewable energy systems that connect them to the power grid. Though inverters are made in a way that allows remote access for updates and maintenance, the utility companies using them usually install firewalls to prevent direct communication back to China 🎤 Former director of the #USA National #Security Agency, Mike Rogers said, "We know that China believes there is value in placing at least some elements of our core infrastructure at risk of destruction or disruption," adding, "I think that the Chinese are, in part, hoping that the widespread use of inverters limits the options that the West has to deal with the security issue," quoted Daily Mail. In our endless efforts to reach #Sustainability goals by installing cheap solar panels, have we made our #Energy sectors vulnerable to outside forces who care not for #environment in the slightest? #Journalism

>> Are hidden radios putting our clean-energy assets at risk? ⚠️ According to a recent 𝐑𝐞𝐮𝐭𝐞𝐫𝐬 report, U.S. investigators have found “rogue communication devices”—undocumented cellular radios—inside some Chinese-made solar inverters and batteries, allowing them to punch straight through plant firewalls and potentially shut down or even damage equipment. Source: Reuters, “Ghost in the machine? Rogue communication devices found in Chinese inverters,” 14 May 2025. Link at the end of the post Mike Rogers, a former NSA Director put it plain and simple: “China believes there is value in placing at least some elements of our core infrastructure at risk of destruction or disruption.” 𝐖𝐡𝐲 𝐢𝐭 𝐦𝐚𝐭𝐭𝐞𝐫𝐬 📈 Sheer exposure: Chinese firms supply about 70% of global PV inverters and almost 80% of lithium-ion batteries —including much of the PCS hardware that ties BESS to the grid. 🪫Grid vulnerability made real: The Iberian blackout last month reminded us how cascading faults can ripple across interconnected networks. Add a deliberate remote shutdown and the stakes multiply. A bipartisan U.S. bill had already proposes banning federal purchases of Chinese batteries by 2027; utilities and regulators on both sides of the Atlantic are now scrutinising inverter firmware and potentially hidden radios. What do you think - Is the energy industry ignoring real risks to our grid stability or could this be just a misunderstanding - after all, modern inverters are incredibly complex gadgets with layers upon layers of interconnected systems... https://lnkd.in/eFaZc_pK

This is eye opening, if what is mentioned is true. - U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said. - Chinese companies are required by law to cooperate with China's intelligence agencies, giving the government potential control over Chinese-made inverters connected to foreign grids, experts said. - The rogue components provide additional, undocumented communication channels that could allow firewalls to be circumvented remotely, with potentially catastrophic consequences, the two people said. - "Ten years ago, if you switched off the Chinese inverters, it would not have caused a dramatic thing to happen to European grids, but now the critical mass is much larger," 1KOMMA5° Chief Executive Philipp Schröder said. - “China's dominance is becoming a bigger issue because of the growing renewables capacity on Western grids and the increased likelihood of a prolonged and serious confrontation between China and the West," he said. - The European Solar Manufacturing Council estimates over 200 GW of European solar power capacity is linked to inverters made in China - equivalent to more than 200 nuclear power plants. - “If you remotely control a large enough number of home solar inverters, and do something nefarious at once, that could have catastrophic implications to the grid for a prolonged period of time," said Uri Sadot cyber security program director at Israeli inverter manufacturer SolarEdge Technologies - In November, solar power inverters in the U.S. and elsewhere were disabled from China, highlighting the risk of foreign influence over local electricity supplies and causing concern among government officials, three people familiar with the matter said. - The incident led to a commercial dispute between inverter suppliers S** - **k and D**e, the people said. - NATO, the 32-country Western security alliance, said China's efforts to control member states' critical infrastructure - including inverters - were intensifying. "We must identify strategic dependencies and take steps to reduce them," said a NATO official. Ministry of New and Renewable Energy (MNRE) Reuters - The Hindu - NATO

🔍 Cybersecurity Alert in Renewable Energy Infrastructure - Really? 🤔 A recent Reuters investigation has uncovered undocumented communication devices in Chinese-manufactured solar power inverters and batteries—components integral to our energy grids. These rogue devices could potentially bypass firewalls, allowing unauthorized remote access and posing significant risks to grid stability. Given that Chinese companies supply a substantial portion of global inverter capacity, this revelation raises pressing questions about the security of our renewable energy infrastructure. Discussion Points: • How can we ensure the cybersecurity of critical energy components? • What measures should be taken to vet and monitor foreign-manufactured equipment? • How do we balance the drive for renewable energy adoption with national security concerns? I invite energy professionals, cybersecurity experts, and policymakers to share their insights on this issue. Let’s collaborate to fortify our energy systems against emerging threats. ⤵️ write your comments below! Repost and Follow for more interesting articles 👍

“If you remotely control a large enough number of home solar inverters, and do something nefarious at once, that could have catastrophic implications to the grid for a prolonged period of time” As we rush towards a renewables led, Net Zero approach to power generation globally, this is a fascinating deep dive into solar supply chain risks where inverters may be backdoored to enable remote operation. For standard OT supplier servicing? Or something more nefarious? TL;DR: - “Rogue communication devices found in Chinese solar inverters” - former NSA Director states: “China believes there is value in placing at least some elements of our core infrastructure at risk of destruction or disruption” - Does the US EO on mandatory SBOMs provide a means to verify components and potential state level vulnerabilities? - Huawei is the world's largest supplier of inverters and we’ve seen paranoia and strict controls on their equipment in telecoms networks before - Baltic nations are blocking remote Chinese access to solar, wind and battery installations above 100 kilowatts but what about consumer grade rooftop solar installs? After recent events in Portugal and Spain where the grid outage prompted rumours of a cyber attack, this is a great look at CNI threats and how the world is trying to tackle concentration risks associated with potential adversarial manufacturing. A weekend read at https://lnkd.in/gcXJa4ar

𝗛𝗶𝗱𝗱𝗲𝗻 𝗧𝗵𝗿𝗲𝗮𝘁𝘀 𝗶𝗻 𝗢𝘂𝗿 𝗦𝗼𝗹𝗮𝗿 𝗦𝘆𝘀𝘁𝗲𝗺𝘀: 𝗧𝗶𝗺𝗲 𝘁𝗼 𝗪𝗮𝗸𝗲 𝗨𝗽 Engineers in U.S. solar farms have discovered 𝘂𝗻𝗮𝘂𝘁𝗵𝗼𝗿𝗶𝘇𝗲𝗱 𝗰𝗼𝗺𝗺𝘂𝗻𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗱𝗲𝘃𝗶𝗰𝗲𝘀 𝗵𝗶𝗱𝗱𝗲𝗻 𝗶𝗻𝘀𝗶𝗱𝗲 𝗖𝗵𝗶𝗻𝗲𝘀𝗲-𝗺𝗮𝗱𝗲 𝗶𝗻𝘃𝗲𝗿𝘁𝗲𝗿𝘀. 𝗧𝗵𝗲𝘀𝗲 "𝗸𝗶𝗹𝗹 𝘀𝘄𝗶𝘁𝗰𝗵𝗲𝘀" 𝗰𝗼𝘂𝗹𝗱 𝗮𝗹𝗹𝗼𝘄 𝗿𝗲𝗺𝗼𝘁𝗲 𝘀𝗵𝘂𝘁𝗱𝗼𝘄𝗻𝘀, 𝗯𝗹𝗮𝗰𝗸𝗼𝘂𝘁𝘀, 𝗼𝗿 𝗲𝘃𝗲𝗻 𝗽𝗵𝘆𝘀𝗶𝗰𝗮𝗹 𝗱𝗮𝗺𝗮𝗴𝗲 𝘁𝗼 𝘁𝗵𝗲 𝗽𝗼𝘄𝗲𝗿 𝗴𝗿𝗶𝗱. As nations ramp up renewable energy adoption, are we unknowingly handing control of critical infrastructure to foreign powers? Security experts are calling for immediate reviews. The UK has already urged a pause and audit of imported green tech. Clean energy should empower nations—not leave them vulnerable. Should we rethink how and where we source our renewable tech? Let’s talk about balancing climate goals with national security. #EnergySecurity #SolarPower #Renewables #CyberSecurity #NationalSecurity #China #Inverters #GridSafety #CleanEnergy #Geopolitics

Imagine a device designed to harness the sun's energy for your home—only to discover it might be transmitting data back to a foreign power. Recent investigations have uncovered undocumented communication modules in Chinese-manufactured solar inverters and batteries, raising alarms about potential cybersecurity threats to the U.S. power grid. While these inverters are essential for integrating renewable energy into our grids, their dominance by Chinese manufacturers like Huawei and Sungrow poses a significant risk. The presence of rogue communication devices suggests a vulnerability that could be exploited to bypass firewalls, potentially allowing remote manipulation of our energy infrastructure. With the increasing integration of foreign-made technology into our critical infrastructure, how can we ensure the security and resilience of our energy systems against potential cyber threats? https://lnkd.in/e9xsn7j5

A news report highlighted that U.S. #energy officials are re-evaluating the potential risks associated with Chinese-made devices that are integral to #renewableenergy infrastructure, following the discovery of unexplained #communication equipment within some of these devices, according to two sources familiar with the situation. Power inverters, which are primarily manufactured in China, are essential for connecting solar panels and wind turbines to electricity grids worldwide. These devices are also used in batteries, heat pumps, and electric vehicle chargers. Although inverters are designed for remote access to facilitate updates and maintenance, utility companies typically implement firewalls to block direct communication with China and safeguard their systems. #Threatlandscape #Cyberthreats #Cyberattacks #Criticalinfrastructure https://lnkd.in/g3vbpMBS