European Solar Manufacturing Organization Warns of Cybersecurity Risks in Europe’s Solar Infrastructure Due to Chinese Inverters

solarquarter.com ESMC Warns of Cybersecurity Risks in Europe’s Solar Infrastructure Due to Chinese Inverters

The European Solar Manufacturing Council (ESMC) urges immediate EU action to address cybersecurity threats posed by Chinese-made PV inverters. With over 200 GW of Europe's solar capacity under foreign control, the ESMC calls for an “Inverter Security Toolbox” to safeguard energy sovereignty and prev...

Archived

Here is the original study: Restrict Remote Access of PV Inverters from High-Risk Vendors

The European Solar Manufacturing Council (ESMC) has issued a stark warning, highlighting a critical threat to Europe’s energy autonomy stemming from the unregulated remote access capabilities of PV inverters produced by non-European, high-risk manufacturers—particularly those from China. A recent study by DNV substantiates these concerns.

As solar power becomes increasingly integral to Europe’s clean energy goals and energy security, a major vulnerability looms: software-enabled remote access to PV inverters—the essential control units of solar power systems.

[...]

The threat is real, not hypothetical. Internet connectivity is essential for modern inverters to perform grid support functions and participate in power markets. However, this connectivity also enables remote software updates, allowing manufacturers to potentially modify device performance from afar. This poses serious cybersecurity risks, including the danger of intentional disruption or large-scale shutdowns. A recent DNV report, commissioned by SolarPower Europe, highlights the credible risk of cascading blackouts due to coordinated or malicious manipulation of inverters.

Solarpunk technology @slrpnk.net

European Solar Manufacturing Organization Warns of Cybersecurity Risks in Europe’s Solar Infrastructure Due to Chinese Inverters

solarquarter.com /2025/05/01/esmc-warns-of-cybersecurity-risks-in-europes-solar-infrastructure-due-to-chinese-inverters

10 0

Boycott China @sopuli.xyz

European Solar Manufacturing Organization Warns of Cybersecurity Risks in Europe’s Solar Infrastructure Due to Chinese Inverters

solarquarter.com /2025/05/01/esmc-warns-of-cybersecurity-risks-in-europes-solar-infrastructure-due-to-chinese-inverters

4 0

You're viewing a single thread.

32 comments

No comment.
- What's this US backdoor story?
  
  The US cloud act and the US Patriot Act
  Especially with just about every comsumer electronic regularly sending all your data to their servers, these laws are nothing but a backdoor with extra steps.
  
  Yeah ok. Thanks for clearing that up, I thought I missed something else. Yeah that's pretty bad and it's mind blowing how nobody cares in Europe and every new PC/Laptop is sold with Windoz and every big Company has all its assets in Micråsoft infrastructures...
- We should rely on neither of them.
  
  Exactly. But some EU politicians apparently have trumps micropenis stuck up their ass so far that it seems to interfere with their logical thinking.
- says the ignorant tankie while Chinese troops are in Ukraine. there's no credible threat of US invasion so leave your whataboutisms at the door of your instance
  
  there's no credible threat of US invasion
  Let's just ignore the threats of taking Greenland, Canada and Panama... and whoever else will get added to that list.
  \ I mean, it's not like the US has invaded a bunch of other countries in the past decades, right?
  But accusing others of being a tankie. Quite ironic.
  
  we're on a European board talking about Chinese attacks on European infrastructure. I'm not aware of US invasion threats to EU countries (which Greenland isn't a part of).
  I'm aware of the Snowden leaks and the CIA worldwide spying networks. those are valid concerns, however I don't think the risk to privacy can be compared to the yearly cyber attacks perpetuated by China against the EU. Only one of these will be used in a potential war against us since the US is a NATO ally.
  who cares who the US invaded in the past? I never said they didn't, you're bordering on whataboutism.
  
  I'm not aware of US invasion threats to EU countries
  And I'm not aware of Chinese invasion threats to EU countries, now what? While not a full member, Greenland is an OCT member of the EEA.
  we're on a European board talking about Chinese attacks on European infrastructure
  I'm aware. But we have many security flaws that don't just involve China, yet nobody seems to care about. That's what the meme is criticising. It doesn't mean we should let China do what it wants, in fact I'm also in favor of eliminating such risks, but it's only ever "China this, China that", while ignoring things like e.g. networking infrastructure provided by the US. It's the one-sided reporting, i.e. red scare, that's annoying.
  Only one of these will be used in a potential war against us since the US is a NATO ally.
  For how long though? And spying on politicians and high-ranking army officials is most definitely going to be used against us in a potential war. This already happened, despite us being NATO allies. It wasn't just EU citizens, they fucking spied on Angela Merkel and other EU officials. But yeah, nothing to worry about, they're our allies after all...
  Keep in mind: "It may be dangerous to be America’s enemy, but to be America’s friend is fatal"
  who cares who the US invaded in the past?
  I do, and you should too, if you don't blindly trust your "allies". Accusing us of whataboutism, while you were writing about "Chinese troops in Ukraine" in response to a meme criticising the one sided reporting on security risks... absolutely wild.
  
  The same principle of strategic independence though can and should be applied to everyone, including China and the US. It's clear that US is not a reliable ally, it was very clear when they shut down F-16s remotely in Ukraine to bully them into submission. Nothing is stopping them from shutting down power grids if these are in their hands to push EU to do whatever is not in its interests.
  It's not like the risk of invasion is the only criteria to use for deciding to be independent on core technologies.
  
  i agree, if I had to choose I'd definitely want an economic/cyber war with the US over the much more likely conventional war with China
  
  I think you are greatly underestimating what someone controlling the tech (note: here you don't need cyber attacks) for critical infrastructure can do. Shut down power and water and the war finishes before it even starts. Let alone communications, payment systems, banking systems, government websites and all the other services that depend on cloud (i.e., mostly US companies).
  The new directive (DORA I think? In get confused with the names) does include for a reason the mandatory exit plan for cloud providers ready.
  
  The only whataboutism is coming from your comment.
  I was not saying that we should just let China do its thing. I was saying that instead of just focusing on China, we should be banning the companies which have are by law obligated to provide backdoors too.
  the US is a fashist state, and if you somehow really think its not threat enough that trump is arresting children and sentencing them without lawyers, as well as sending immigrants to KZs, you should really see a doctor.
  
  to point number 2, China is also a fascist state. your meme is whataboutism because it's implying we should leave China alone while at the same time China is committing the same abuses that the US does. I'm a FOSS advocate in software and hardware, most Chinese tech doesn't meet the standards of respecting human rights
  
  it's implying we should leave China alone
  It just implies that we should treat the US and Chinese more similarly. Whether this means avoiding the US more or working more closely with China is completely up to interpretation.
  most Chinese tech doesn't meet the standards of respecting human rights
  Is that a problem with Chinese tech, or just proprietary tech? Because apart from privacy, I can't tell which human rights tech is supposed to respect, and lack of privacy is an issue not limited to Chinese tech.
  
  Is that a problem with Chinese tech, or just proprietary tech? Because apart from privacy, I can't tell which human rights tech is supposed to respect
  not using Uyghur slave labor in East Turkestan would be a bare minimum for example. I'm not implying that China is alone in this, it's a problem in all the other capitalist countries.
  even if they made their tech open source, I highly doubt they'd stop exploiting the populace
  
  So you're talking about the tech industry, not the tech itself.
  Assuming that the "Uyghur forced labor" claim isn't just American propaganda: Do you really think forced labor is used for the tech industry? Skilled workers, who are needed for the tech industry, are a bit harder to exploit and it seems like the main concern with forced labor of Uyghurs is cotton. To my knowledge, the whole tech industry is located mostly in eastern China.
  And how do you know that "most of Chinese tech doesn't respect human rights", when referring to forced labor? Do you track down the production chain of Chinese products? Or was there some investigation that I missed? These seem like absurd claims to me, so I'd really like a few sources.
  
  gonna assume you aren't just a genocide denier and you're asking for sources in good faith:
  https://www.antislavery.org/reports/uyghur-forced-labour-green-technology/
  https://www.researchgate.net/publication/366812496_In_Broad_Daylight_Uyghur_Forced_Labour_and_Global_Solar_Supply_Chains
  https://www.npr.org/sections/goatsandsoda/2023/02/01/1152893248/red-cobalt-congo-drc-mining-siddharth-kara
  https://archive.is/renxw
  
  I'm a genocide denier in the sense that I see what may be happening in Xinjiang as a violation of human rights, not a genocide just yet. But your second link seems convincing enough for me to read more about, thanks.
  The issues in the Congo are true. I didn't think about them before because I consider them mostly a failure of the Congo to enforce labor laws, but obviously Chinese companies aren't innocent here.

32 comments