Beyond the inverter. Strategic risks in foreign-connected infrastructure.

The rapid expansion of renewable energy and digital infrastructure has brought with it a new set of challenges including the hidden vulnerabilities embedded in the technologies we increasingly rely on. Recent revelations concerning Chinese-manufactured solar inverters have cast a harsh spotlight on the risks associated with foreign-connected devices in critical infrastructure, with implications far beyond the energy sector.

The November 2024 inverter incident

In November 2024, solar inverters manufactured by Chinese company Deye were remotely disabled across several countries including the United States, the United Kingdom, and Pakistan. Devices were rendered inoperative, displaying messages stating they were “unauthorized” for use in these regions. This mass deactivation was reportedly triggered by a commercial dispute with U.S. distributor Sol-Ark, but the mechanism of remote shutdown via undocumented communication pathways raised urgent national security concerns.

While the incident did not lead to a blackout, it exposed a critical vulnerability: the ability of a foreign manufacturer to deactivate infrastructure remotely. Some of the affected devices contained hidden cellular radios undocumented in product manuals, that allowed them to bypass standard cybersecurity measures. This was not a hypothetical scenario. It was a demonstration of real-world remote control over assets embedded in national energy systems.

A wake-up call?

As Reuters reported on May 14, 2025:

“U.S. officials have identified rogue communication devices embedded in Chinese-manufactured solar inverters that could be used to remotely manipulate power infrastructure. These undocumented components, such as cellular modems and radio frequency modules, can circumvent standard cybersecurity firewalls.”

The term “ghost machines” is now being used to describe these compromised components such as hidden communication hardware that may operate beyond regulatory oversight.

Strategic exposure in the West

The scale of exposure is striking. In Europe, more than half of the continent’s solar capacity (over 200 gigawatts) is believed to rely on Chinese-made inverters. Meanwhile, in the United States, Chinese brands accounted for approximately 60 percent of residential solar inverter installations in 2023. This widespread dependence means that even a small coordinated disruption could have significant ramifications.

Beyond energy

This type of vulnerability is not confined to the solar industry. In the automotive sector, U.S. regulators have expressed growing concern about Chinese-connected vehicle technology, especially components with internet-enabled GPS, cameras, and microphones. The fear is that such systems could be tracked, disabled, or manipulated from abroad. In the domain of consumer electronics and infrastructure, British intelligence officials have warned that Chinese-made cellular modules often embedded in everyday IoT devices such as traffic lights, electric vehicles, and industrial systems, could be exploited to interrupt essential services.

In the area of surveillance, the U.S. Department of Homeland Security has flagged Chinese-manufactured internet-connected cameras as potential tools for espionage. These devices could, for instance, trigger false alarms, suppress real ones, or deactivate safety protocols entirely.

Government systems are not immune either. In late 2024, Chinese cyber actors infiltrated the U.S. Treasury by exploiting a vulnerability in third-party software. The attackers gained remote access to workstations and unclassified yet sensitive documents, further underscoring the reach and effectiveness of such digital threats.

The policy response taking shape

Governments around the world have started to act. The United States is considering legislation to prohibit the federal use of Chinese-manufactured solar inverters, echoing earlier bans on Huawei telecom equipment. Lithuania and Estonia have moved to restrict remote access to national energy infrastructure by foreign vendors. Within the European Union and the broader Five Eyes alliance, efforts are underway to diversify supply chains, harden cybersecurity, and build standards for verifiable, trusted technology in critical systems.

What these developments reveal may be a new doctrine of technological sovereignty. It is not about cutting off international trade or isolating innovation but rather about ensuring that the systems countries depend on, especially those tied to national security and public welfare, remain transparent, verifiable, and under domestic control. The Deye incident was a warning. Reuters’ reporting has made clear that the infrastructure of tomorrow will only be as secure as the weakest embedded device. As we build the networks and energy systems of the future, one question must remain central: who holds the off switch?