U.S. energy‑sector forensic teams have begun disassembling Chinese‑manufactured solar inverters and grid‑scale batteries after discovering undocumented 4G/LTE modules and other wireless communication transceivers buried on the circuit boards, according to two people involved in the tear‑downs. The covert hardware, absent from published schematics, creates an out‑of‑band path that can tunnel straight through utility firewalls, potentially granting offshore operators the ability to reconfigure or even turn off power‑conversion equipment at will.
“There is clearly strategic value in seeding core infrastructure with components that can be flipped off like a light switch”
Former National Security Agency director Mike Rogers tells Reuters.
While the Department of Energy (DOE) has not publicly commented on the November outage, officials confirmed they are “continually reassessing the risk of undocumented functionality” and are pressing suppliers for a complete Software Bill of Materials.
Modern distribution grids lean heavily on inverters to translate DC from solar, storage, heat‑pump drives, and EV chargers into AC usable by the network. Because inverters operate in millisecond feedback loops with grid‑control systems, mass manipulation of their set‑points can destabilise frequency and voltage in seconds, far faster than conventional protective relays can respond. “That effectively means there is a built-in way to physically destroy the grid,” one source familiar with the discoveries reported to Reuters.
A March 2025 report by Forescout researchers documented critical vulnerabilities from several solar inverter wireless communication dongle manufacturers. The researchers demonstrated how malicious actors could remotely access these 4G/Wi-Fi/GPRS-enabled devices via the cloud and then send signals to destabilize nearby or connected solar infrastructure. Additionally, compromised dongles could allow attackers to move laterally into other sensitive equipment on protected networks, echoing warnings given by NIST in December of last year.
Forescout also reported three additional cybersecurity incidents involving solar power monitoring devices in 2024:
Congress is already weighing proposed bans on federal purchases of Chinese batteries beginning in 2027, and utilities from Florida to the Pacific Northwest are racing to qualify “trusted” inverter lines amid warnings from NATO and the Baltic states that energy blackmail via remote disconnection is now a realistic scenario.
An April 2025 risk assessment from SolarPower Europe and DNV warns that seven inverter makers control more than 10 GW of connected capacity each across the continent. “A compromise of just one of these players could destabilise the European electricity grid,” the report states, adding that sensitive operational data remains exposed when vendors host management servers outside the EU.
However, visibility, not sourcing, remains the immediate pain point of these risks. As critical US and EU industries continue to modernize their infrastructure, energy, and manufacturing, they are introducing more and more “smart” equipment into their previously isolated facilities. Wireless chips, which are increasingly smaller and harder to spot, can be overlooked, or deliberately hidden, in any new component, not just inverters.
Bastille Networks provides a Wireless Airspace Defense platform to detect these rogue wireless radios. Bastille’s passive sensor arrays detect cellular, Wi‑Fi, Bluetooth, Zigbee, Z‑Wave, and other protocols across 25 MHz–7.125 GHz, locate each transmitter to within one to three meters accuracy, and stream AI‑driven intelligent event reporting and risk analytics into existing XDR and SIEM workflows.
Unlike network‑centric tools that watch only IP traffic, Bastille surveils the physical‑layer wireless emissions of every component, whether documented or not, continuously comparing behaviour against baseline models for OT environments.
Before a contract dispute or nation‑state play turns distributed energy resources into a remote kill‑switch, make sure Bastille is by the breaker panel.
Source: https://bastille.net/hidden-devices-found-solar-grid-inverters-batteries