311
‘Rogue’ devices found in Chinese solar inverters raises cybersecurity alarm in Europe
(www.pv-tech.org)
Not naming the manufacturers is very disappointing
this post was submitted on 14 May 2025
311 points (97.8% liked)
Europe
5909 readers
1185 users here now
News and information from Europe 🇪🇺
(Current banner: La Mancha, Spain. Feel free to post submissions for banner images.)
Rules (2024-08-30)
- This is an English-language community. Comments should be in English. Posts can link to non-English news sources when providing a full-text translation in the post description. Automated translations are fine, as long as they don't overly distort the content.
- No links to misinformation or commercial advertising. When you post outdated/historic articles, add the year of publication to the post title. Infographics must include a source and a year of creation; if possible, also provide a link to the source.
- Be kind to each other, and argue in good faith. Don't post direct insults nor disrespectful and condescending comments. Don't troll nor incite hatred. Don't look for novel argumentation strategies at Wikipedia's List of fallacies.
- No bigotry, sexism, racism, antisemitism, islamophobia, dehumanization of minorities, or glorification of National Socialism. We follow German law; don't question the statehood of Israel.
- Be the signal, not the noise: Strive to post insightful comments. Add "/s" when you're being sarcastic (and don't use it to break rule no. 3).
- If you link to paywalled information, please provide also a link to a freely available archived version. Alternatively, try to find a different source.
- Light-hearted content, memes, and posts about your European everyday belong in !yurop@lemm.ee. (They're cool, you should subscribe there too!)
- Don't evade bans. If we notice ban evasion, that will result in a permanent ban for all the accounts we can associate with you.
- No posts linking to speculative reporting about ongoing events with unclear backgrounds. Please wait at least 12 hours. (E.g., do not post breathless reporting on an ongoing terror attack.)
- Always provide context with posts: Don't post uncontextualized images or videos, and don't start discussions without giving some context first.
(This list may get expanded as necessary.)
Posts that link to the following sources will be removed
- on any topic: RT, news-pravda:com, GB News, Fox, Breitbart, Daily Caller, OAN, sociable:co, citjourno:com, brusselssignal:eu, europesays:com, geo-trends:eu, any AI slop sites (when in doubt please look for a credible imprint/about page), change:org (for privacy reasons)
- on Middle-East topics: Al Jazeera
- on Hungary: Euronews
Unless they're the only sources, please also avoid The Sun, Daily Mail, any "thinktank" type organization, and non-Lemmy social media. Don't link to Twitter directly, instead use xcancel.com. For Reddit, use old:reddit:com
(Lists may get expanded as necessary.)
Ban lengths, etc.
We will use some leeway to decide whether to remove a comment.
If need be, there are also bans: 3 days for lighter offenses, 7 or 14 days for bigger offenses, and permanent bans for people who don't show any willingness to participate productively. If we think the ban reason is obvious, we may not specifically write to you.
If you want to protest a removal or ban, feel free to write privately to the primary mod account @EuroMod@feddit.org
founded 10 months ago
MODERATORS
Not naming the manufacturers is very disappointing
It is. So I looked it up:
According to the info I found, Huawei battery systems, and concerning solar panel electricity invertors they mentioned Sungrow, Growatt, and SMA. Growatt has arranged a patch, they claim.
Many of these Chinese systems have little to none (security) updates.
What makes you believe that those software issues from a month ago are in any way related to the undocumented communication hardware found now?
Ok, what are European vendors for inverters? I really want solar, but I would prefer local vendors.
Fronius is Austrian and there are a few others but none producing microinverters that I’m aware of. If you are doing an install with no shading issues during the day, regular inverters are preferable though since the costs are cheaper and there’s no DC-AC-DC loss if you include a battery backup.
Fronius, SMA, Victron.
The unfortunate bit is that apparently e.g. Huawei inverters are extremely reliable, whereas e.g. cheaper SMA models are not.
I wonder if an incentive to be well built and reliable ends up being the fact they are strategic assets that can be “called into service” for decades.
This is some conspiracy brain thinking, but… they did find secret communication devices…
SMA is on the list.
In case you're referring to the comment by HowRu68 above, I don't think that those software vulns are related to this issue at all.
Yea that's the one I was referring too. If not then that's good
Victron
There are some for the mid to large scale, which this would affect. Less so for small scale like <<100 kWp.
It's not as fun and exciting James Bond shit when a supply-chain attack happens too close to home, huh? At least it didn't explode in anyones faces.
Or pockets...
Spain reconsiders possibility of hackers causing blackouts
The possibility of the blackouts being caused by a cyberattack was immediately considered, though the grid operators in Spain and Portugal both said at the time there was no evidence of hacking, a point that was echoed by authorities and politicians.
Now, reports suggest Spanish authorities are investigating whether smaller power generators were a weak link that was exploited by cyber criminals to target the electricity grid, according to the Financial Times ...
[The original FT article is behind a paywall.]
It doesnt have to be a "cyberattack" for it to be the fault of chinese inverters. There have been plenty of cases of faulty automatic firmware updates bricking all online inverters of a brand at the same time. Thats why you always cut those things off from the internet and set up your own monitoring.
Wtf
China has been doing this in a lot of hardware. It’s a huge national security risk to not screen inbound hardware for problems, but doesn’t really happen because that would be a monumental task.
Hell, look at what Israel did with those pagers. It’s crazy to think that other nations haven’t been putting malicious packages in their electronics as well.
Imagine what all they are cramming into their EVs.
Like yeah its concerning no doubt, but imagining whatbthey ae doing without evidence while the main competition and market leader is a fascist cunt who disables functionality just before impact to shed blame and doctors mileage reports.
They get away with it because we are not better, if the competition was better they would have to meet them where they are.