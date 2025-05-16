



A postponement underlined that American energy officials are reassessing the potential risks associated with Chinese manufacturing devices which are an integral part of renewable energy infrastructure, following the discovery of unexplained communication equipment within some of these devices, according to two familiar sources with the situation. Electric inverters, which are mainly manufactured in China, are essential to connect solar panels and wind turbines to electricity networks in the world. These devices are also used in batteries, heat pumps and electric vehicle chargers.

Although the inverters are designed for remote access to facilitate updates and maintenance, public service companies generally implement firewalls to block direct communication with China and protect their systems.

Reuters was unable to determine the number of inverters and solar energy batteries they have examined. However, the lagish communication devices not listed in product documents have been found in certain Chinese solar energy inverters by American experts who undress the equipment connected to the grids to check the security problems, the two people said.

In the past nine months, undocumented communication devices, including cellular radios, have also been found in certain batteries of several Chinese suppliers, said one of them.

American experts would have found coronous communication devices, including cellular radios, in Chinese manufacturing solar inverters and batteries in the last nine months. These undocumented devices create additional communication channels that could bypass remote firewalls, laying significant security risks.

The exact number of affected devices has not been determined and the sources remained anonymous due to media restrictions. They also chose not to disclose the names of the Chinese manufacturers responsible for the inverters and batteries equipped with additional communication devices, and they would not reveal the total number of such discovered devices. The American government has not yet made a public declaration concerning the conclusions.

In remarks to Reuters, the American Department of Energy (DOE) said that it continuously evaluated the risks associated with emerging technologies and that there were significant challenges with disclosing manufacturers and documenting features.

Although this feature may not have a malicious intention, it is essential for those who get a complete understanding of the capacities of the products received, said a spokesperson.

The work is underway to fill all the gaps in disclosure via the material bill (SBOMS) or the inventories of all the components that make up a software application and other contractual requirements, the spokesman said.

The industrial cyber has contacted the DOE and will provide an update.

The disclosure comes while the American critical infrastructure sector is increasingly vulnerable to sophisticated cyber-menices, with recent attacks such as salt and typhoon volt highlighting growing risks.

The Salt Typhoon group, which would be linked to actors sponsored by the State, is at the origin of a hacking campaign nicknamed Salt Typhoon by the investigators. These cyber adversaries, allegedly linked to China, have infiltrated the large-band networks. The group's tactics involve the deployment of malware that allows unauthorized access to vital infrastructure, such as energy networks and water processing facilities, often leading to data theft or system disturbances. These attacks can have serious consequences, affecting both operations and the broader public.

Volt Typhoon, another advanced group of persistent threat (APT), was observed by infiltrating critical infrastructure by exploiting weaknesses in IT and OT (operational technology) environments. Their attacks are particularly worrying because they can target both digital networks and physical components of critical systems. The capacity of typhoons to adapt and move laterally in the compromised networks underlines the complexity of modern cyber-men, in particular in the sectors where operational continuity is essential.

In March, researchers from Forescout Researchs Vodere Labs discovered vulnerabilities in solar energy systems after analyzing six main manufacturers of inverters, including Huawei, Sungrow and SMA solar technology.

The study, called Sun: Down, revealed that Sungrow, SMA and Growatt had nearly 50 vulnerabilities that could potentially disturb the electricity network and cause Panus breakdowns. In total, 93 known vulnerabilities have been identified, 80% classified as a high or critical severity, marking between 9.8 and 10 on the CVSS scale. These vulnerabilities have significant risks, allowing potential attacks on electrical networks and intelligent home devices.

Anna Ribeiro

Industrial Cyber-News publisher. Anna Ribeiro is an independent journalist with more than 14 years of experience in the fields of security, data storage, virtualization and IoT.

Sources 1/ https://Google.com/ 2/ https://industrialcyber.co/utilities-energy-power-water-waste/us-energy-sector-at-risk-as-chinese-inverters-are-under-investigation-for-suspicious-communication-gear/ The mention sources can contact us to remove/changing this article

