Europe

[...]

Despite years of debate about supply chain resilience, more than 70 percent of world’s solar inverters come from Chinese manufacturers. The three biggest players – Huawei, Sungrow, and Ginlong Solis – are all Chinese. Here lies the first paradox: Huawei has been banned from a large portion of Europe’s 5G networks due to national security concerns, yet its technology is welcomed into the power grid [...] Huawei has been banned from a large portion of Europe’s 5G networks due to national security concerns, yet its technology is welcomed into the power grid.

[...]

Only a few countries, such as Estonia and the United Kingdom, appear to recognize this inconsistency. After banning Huawei from its 5G infrastructure, Estonia is now sounding the alarm as the same company pivots aggressively into the energy domain. Britain faces a similar dilemma. As reported by the Telegraph, experts warn that allowing a company once deemed a national security threat in telecommunications to build the digital backbone of the UK’s clean energy transition is a dangerous contradiction. Lithuania has gone even a step further. In April 2024, it became the first EU country to act decisively, passing a law explicitly banning China from remotely accessing and controlling the digital systems of its renewable energy assets, treating Chinese remote access for what it really is: a national security vulnerability.

[...]

The timeline of incidents targeting electric energy infrastructure over the last decade tells a clear story: the two most persistent, well-resourced, and strategically focused actors are Russia and China.

Take Russia’s GRU-affiliated hacking group Sandworm, responsible for the 2015 and 2016 cyberattacks on Ukraine’s power grid. The 2015 attack caused widespread blackouts using relatively crude malware, but by 2016, Sandworm deployed Industroyer – first malware designed specifically to disrupt grid operations. These attacks caused severe blackouts, directly impacting civilian populations. In 2022, during Russia’s full-scale invasion of Ukraine, Sandworm resurfaced with Industroyer2, aimed at high-voltage substations. This time, however, Ukrainian defenders successfully neutralized the threat before it could trigger widespread outages.

[...]

Unlike Russia’s smash-and-break approach, China prioritizes stealth: it uses legitimate tools to move undetected, blending into normal operations, to hold leverage until the moment arises. For years, Chinese state-linked groups have methodically infiltrated foreign cyberspace. The recently exposed Volt, Salt, and Flax Typhoon threat actors were just the latest chapters of this long-term strategy.

[...]

Beijing fosters dependence on China-dominated supply chains, and then weaponizes these links. When political tensions rise, Beijing does not hesitate to act. Lithuania experienced this firsthand after strengthening ties with Taiwan, prompting China to block Lithuanian goods at customs and choke its exports. In Czechia, security concerns over Huawei’s role in 5G networks were met with direct economic threats, with Chinese officials warning that the exclusion of Huawei would lead to retaliation that would impact the country’s GDP growth.

[...]

The nightmare scenario is a coordinated remote shutdown. Tens or hundreds of thousands of inverters could be disabled by remote command. Within seconds, gigawatts of solar generation would vanish from the power grid. Europe’s transmission system can typically absorb a sudden 2-to-5-gigawatt loss without falling apart. Push beyond 10 gigawatts, and you risk cascading failures. Grid sections would start detaching themselves to survive, frequency would plummet, spinning reserves would struggle to keep up, resulting in fragmentation and rolling blackouts.

But crude shutdowns are not the only threat. Modern solar inverters can be remotely switched from supplying real power to injecting reactive power – a change that can destabilize voltage profiles across the grid. A sudden surge of reactive power could overload compensation systems, trigger protection relays, and knock sensitive generators offline – without any clear sign of sabotage. Thousands of inverters, acting in sync, could ripple distortions across Europe’s power grid and destabilize entire regions.

[...]

Defusing the hidden risks requires action in at least four areas:

• Recognize Solar as Critical Infrastructure: Solar inverters are active participants in grid stability. From a cybersecurity perspective, they must no longer be treated as low-risk consumer electronics; instead, strict cybersecurity standards must be applied by design.
• Rethink Power Grid Defense: Distributed solar assets are scattered across millions of rooftops, with no unified defense perimeter. Because of this, the same protection strategies used for centralized assets like nuclear power plants cannot be applied. The rise of distributed critical infrastructure demands a redefinition of what critical infrastructure means, as well as a new methodology for securing millions of interconnected, remotely accessible assets.
• Prohibit Remote Access from Adversarial Jurisdictions: Following Lithuania’s example, the EU must ban remote access from adversarial countries. Remote access must be restricted exclusively to trusted entities operating under European or allied partners’ legal frameworks.
• Diversify the Supply Chain: The EU must move beyond slogans and actively support European and allied manufacturers struggling to compete with China’s heavily subsidized, state-backed solar technology.

[...]