Silent Threat: How Chinese Solar Inverters Imperil U.S. National Security and Critical Infrastructure

The increasing reliance on renewable energy sources, particularly solar power, has brought a critical vulnerability into sharp focus: the widespread use of Chinese-made solar inverters and the potential threat they pose to U.S. national security and critical infrastructure. Recent discoveries of undocumented communication devices and “kill switches” embedded within these components have ignited urgent concerns among cybersecurity experts and government officials.

Solar inverters are essential components in any solar energy system, converting the direct current (DC) electricity generated by solar panels into alternating current (AC) compatible with the electrical grid. Given their integral role in the power flow, any compromise of these devices could have devastating consequences for energy stability and national security.

The Alarming Discoveries:

Recent investigations by U.S. experts have revealed deeply troubling findings:

  • Undocumented Communication Devices: During routine security assessments, hidden communication modules, including cellular radios, have been found in Chinese-manufactured solar inverters and batteries. These devices are not listed in product documentation, bills of materials, or operating specifications, raising serious questions about their purpose and unauthorized access capabilities. As reported by Reuters on May 14, 2025, these “rogue” communication devices have been a significant cause for concern among U.S. officials and cybersecurity experts.
  • “Kill Switches” and Remote Manipulation: The presence of these hidden components suggests a deliberate effort to circumvent existing firewalls and establish covert communication channels. Experts warn that these “rogue” devices could allow remote actors to switch off inverters, alter their settings, or even cause physical damage to grid infrastructure, potentially triggering widespread blackouts. Reports indicate incidents where solar power inverters in the U.S. were remotely disabled from China, underscoring the tangible nature of this threat.
  • Circumventing Security Measures: While inverters are designed to allow remote access for updates and maintenance, utility companies typically employ firewalls to prevent unauthorized external communication. The undocumented devices found in Chinese inverters could bypass these safeguards, creating a backdoor for foreign adversaries to manipulate the U.S. power grid at will.

The Advanced Persistent Threat (APT) from China:

Beyond the inherent vulnerabilities of the inverters themselves, the U.S. energy sector faces a constant and growing threat from sophisticated state-sponsored hacking groups, often referred to as Advanced Persistent Threats (APTs). Chinese APT groups, known for their advanced tactics, techniques, and procedures (TTPs), have repeatedly demonstrated their intent and capability to target critical infrastructure, including the energy sector.

  • Pre-positioning for Future Conflict: The FBI has repeatedly warned that Chinese state-sponsored hackers are actively “pre-positioning” themselves on U.S. critical infrastructure networks, including energy grids, water systems, and telecommunications. This suggests a strategic objective to be able to “wreak havoc” and cause real-world harm to American citizens and communities in the event of a future conflict. Groups like Volt Typhoon have been specifically identified by U.S. cybersecurity agencies (CISA, NSA, FBI) for compromising IT environments in critical infrastructure sectors, including energy, with the aim of maintaining persistent access for potential disruptive or destructive cyberattacks.
  • Espionage and Data Exfiltration: Chinese APTs are not solely focused on disruption; they also engage in long-term espionage and data theft. They seek to steal intellectual property, sensitive information about grid operations, and insights into energy supply chains. This intelligence can be used to gain economic advantage or to identify further vulnerabilities for future attacks. The FBI has noted that Chinese hackers have targeted dozens of oil pipeline entities since 2011, in some cases ignoring business and financial information entirely while stealing data on control and monitoring systems.
  • Sophisticated Attack Vectors: Chinese APT groups often employ sophisticated attack vectors, including spear phishing campaigns with malicious attachments, exploitation of zero-day vulnerabilities, and compromising vulnerable web applications to gain initial access. Once inside a network, they use advanced malware and “living off the land” techniques (using legitimate system tools to blend in) to maintain persistence and move laterally undetected for extended periods, sometimes months or even years. Groups such as APT31 have been linked to unauthorized access of a Texas-based energy company.
  • Increased Targeting: An FBI notification to the energy industry, obtained by The Record, warned of a likely increase in targeting by Chinese and Russian hackers, driven by factors like increased U.S. exports of liquefied natural gas (LNG) and changes in the global crude oil supply chain. This signals an intensified focus on U.S. energy networks.

The National Security Implications:

The implications of these discoveries and ongoing APT activity for U.S. national security are profound:

  • Grid Destabilization and Blackouts: A coordinated attack exploiting vulnerabilities in Chinese-made inverters, coupled with the pre-positioned access of APTs, could lead to widespread power outages, paralyzing vital services such as healthcare systems, emergency services, and defense facilities. This could have catastrophic economic and social consequences, particularly during times of geopolitical tension.
  • Data Exfiltration: Beyond direct disruption, these hidden devices and APT activity could be used to extract sensitive information about the U.S. power grid, energy supply, and operational protocols, providing foreign adversaries with valuable intelligence.
  • Supply Chain Vulnerability: China dominates the global solar inverter market, with companies like Huawei and Sungrow holding significant market share. This heavy reliance on Chinese manufacturing creates a critical supply chain vulnerability, making the U.S. susceptible to foreign manipulation and control over its energy infrastructure.
  • Physical Harm: The discovery of “kill switches” suggests the potential for adversaries to not only disrupt but “physically destroy” parts of the grid, a chilling prospect for any nation.

Response and Path Forward:

U.S. energy officials are actively reassessing the security risks posed by Chinese-made components in renewable energy systems. The Department of Energy has confirmed ongoing efforts to address risks associated with undocumented software and hardware functionalities in imported systems. While specific manufacturers have not been publicly named, some utilities are already shifting towards non-Chinese suppliers.

Addressing this complex challenge requires a multi-faceted approach:

  • Enhanced Scrutiny and Testing: Robust independent testing and verification capabilities are crucial to identify suspicious components and “backdoors” before installation. This demands a shift from reactive bans to proactive, comprehensive baseline requirements for all critical infrastructure components.
  • Diversifying the Supply Chain: Reducing reliance on a single foreign source, particularly one subject to geopolitical tensions, is paramount. Investing in domestic manufacturing capabilities for critical energy components is essential to secure the supply chain.
  • Strengthening Cybersecurity Protocols: Even with secure hardware, robust cybersecurity measures are necessary. This includes segmenting networks and implementing advanced detection mechanisms to prevent and mitigate potential attacks. Utilities are urged to remain vigilant and report suspicious activity to authorities like the FBI.
  • International Collaboration: The threat extends beyond U.S. borders, with similar concerns emerging in Europe and South Korea. International cooperation in setting standards and sharing intelligence is vital to counter this global challenge.

The presence of undocumented “kill switches” in Chinese solar inverters, combined with the persistent and evolving threat from Chinese APTs, represents a silent but significant danger to the integrity and security of the U.S. power grid. As the nation continues its transition to renewable energy, proactively addressing these vulnerabilities and securing critical energy infrastructure must remain a top national security priority.

 



Join Dr. Tom every week in his column, Dr. Tom’s Cyber Bits and Tips, for byte-sized advice on all things cyber and tech. Whether you’re concerned about online safety, curious about the latest cybercrime trends, or simply want to navigate the ever-evolving digital landscape, Dr. Tom has you covered.
