On April 28th of this year, Spain and Portugal experienced a massive power outage, with electricity supply reduced by up to 60%, marking the most severe blackout event in half a century. The two countries have prided themselves on their transition to renewable energy sources, with solar and wind power accounting for up to 40%, but this crisis revealed vulnerabilities in their systems.
Following the incident, European society has begun to reexamine the safety of renewable energy infrastructure, especially the risks associated with relying on Chinese-made solar equipment.
The specific reasons for the blackout are still under investigation. Preliminary information suggests that a sudden drop in solar power generation triggered the automatic activation of protection mechanisms within the system, combined with abnormal conditions in the neighboring French grid, leading to a cascading effect that resulted in the collapse of the regional power grid. With a high dependence on Chinese-made components, especially inverters, concerns about information security and geopolitical risks have become a focus of international attention.
During the crisis, a piece of technical equipment that became a focal point of safety discussions was the power inverter in solar energy systems. This equipment is responsible for converting direct current produced by solar panels into alternating current and transmitting it to the grid, earning it the nickname of “the brain of solar energy systems.”
According to a report by Nikkei Asia on May 17th, the inverters widely used in Europe are mostly manufactured in China, with Huawei Technologies being one of the major suppliers in the European market, holding a market share of around one-third.
SolarPower Europe, an association representing the solar industry in Europe, released a report on April 29th stating that smart inverters with remote monitoring and control functions, while facilitating operation and maintenance, have become a potential cybersecurity vulnerability. The report’s simulations indicate that a cyber-attack on a 3 gigawatt solar system could severely disrupt the stability of the European grid. With seven companies controlling over 10 gigawatts of inverter capacity, the consequences of an attack on one of these systems could be catastrophic.
Marius Bakke, Vice President of Rystad Energy, a research institution based in Oslo, Norway, warned that granting remote access to the European power infrastructure through inverters could have serious repercussions if infiltrated by hackers.
The European Commission announced on April 28th that following meetings between EU commissioners and Huawei-related associations, Huawei was subsequently expelled from the European solar industry association.
Several Huawei executives are currently under investigation in Brussels, with some facing formal charges related to allegations of bribery of EU lawmakers.
Last year, the EU initiated an investigation into Chinese solar panel manufacturers, questioning their unfair competition practices. Ultimately, two Chinese firms withdrew their bids in a public tender in Romania.
Security concerns extend beyond remote control functions. According to a report by Reuters on May 14th, some Chinese-made inverters were found to contain unidentified communication devices internally.
Citing two anonymous sources, the report states that U.S. energy officials are reassessing the security risks posed by Chinese-made equipment. Suspected communication devices not documented in product specifications were found in some Chinese inverters, though the exact number of devices involved was not disclosed.
Although the report could not independently verify the claims, the European Solar Manufacturing Council has expressed “grave concerns” and urged the European Commission to promptly establish a “cybersecurity toolbox” to enhance testing and protection standards for inverters and related critical equipment.
Shen Mingshi, a researcher at the Taiwan Institute for National Defense and Security Studies, analyzed that any Chinese-made equipment, including energy facilities and monitoring devices, may contain Trojan programs or communication setups designed to collect sensitive data. He emphasized that this is not just a corporate responsibility but also involves the integrity of national information security systems.
Shen Mingshi indicated that the Chinese Communist Party has previously embedded communication functions in surveillance equipment from companies like Hikvision Digital Tech. and in platforms like DeepSeek AI, even in maritime facilities like buoys.
He stressed that these devices pose not only commercial risks but also national security risks. If allowed to transmit sensitive data back to China, it could lead to a slow infiltration impacting overall national security.
Regarding Europe’s relatively weak cybersecurity defense in the renewable energy field, Dr. Wang Xiuwen, an assistant researcher at the same Taiwan institute, noted in an interview with the Epoch Times, “The West first recognized the technological threat from China in the 5G arena, expanding to the semiconductor field. However, they initially did not realize that China could ‘play tricks’ in renewable energy sources.”
Dr. Wang Xiuwen, who works at the institute’s Department of Chinese Politics, Military Strategy, and Operational Concepts, mentioned that the Chinese Communist Party invested heavily in the EU’s clean energy programs after the 2009-2010 European debt crisis, becoming part of regional cooperation. “Huawei is likely involved not only in 5G but also potentially in solar energy research projects, leading to a relatively lenient view from certain European political circles.”
Now, with the major blackout in Spain and Portugal and related security concerns exposed, Europe is forced to confront the risk of data collection and potential infrastructure paralysis posed by Chinese-made equipment. Dr. Wang Xiuwen believes, “This is evidence for Western countries, post-5G, once again discovering clear signs of security vulnerabilities hidden in Chinese equipment.”
According to the 2024 report by the International Energy Agency (IEA), China currently holds approximately 80% of the global solar energy market share and has far outpaced global demand, leading to a comprehensive decline in prices. Through substantial subsidies and industrial investments, Beijing managed to drive down solar panel prices by 80% over a decade, thereby rapidly expanding its global solar energy market share.
Vincent Delporte, Public Affairs Manager at the French startup HoloSolis, warned, “Without accompanying measures to promote European manufacturing and market regulations, European-made solar modules will be completely unable to compete with Chinese products.”
This also implies that if the supply from China is interrupted or subjected to political risks, the energy transition in Europe could face an immediate halt. Bakke bluntly stated, “Supply issues of photovoltaic components from China have always been a significant concern for European energy security.”
Doug Steinhardt, former New Jersey GOP chairman and current state senator, stated in a recent declaration that the discovery of abnormal communication devices exposed security vulnerabilities in the US infrastructure.
Steinhardt emphasized in the statement, “Immediate action must be taken to prevent critical assets such as energy systems, food supplies, or other key assets from falling into the hands of bad actors.”
According to Reuters, other countries like Lithuania and Estonia have also recognized the threats to energy security. In November last year, the Lithuanian government passed a law prohibiting remote access by China to solar, wind, and battery devices exceeding 100 kilowatts.
In the UK, it was revealed by insiders that the government’s scrutiny of Chinese renewable energy technology within the energy system, including inverters, will be completed in the coming months.
NATO officials have noted that Beijing’s efforts to control member countries’ critical infrastructure, including inverters, are intensifying, necessitating a reassessment of strategic dependencies and measures to reduce such reliance.
Dr. Wang Xiuwen believes that the most pragmatic approach for Europe and the US at this stage is to conduct a comprehensive inspection of potential risks posed by Chinese-made equipment in existing infrastructure. “These devices may have already embedded rogue communication modules or malicious programs, waiting for activation.” She advocates for Europe to adopt rigorous technical inspections and import control regulations similar to those in Australia and the US.
Dr. Wang Xiuwen warned, “The difference between the Chinese Communist Party preemptively attributing faults without evidence and the West conducting comprehensive investigations after evidence is found is a systemic gap that must be promptly strengthened by Europe and America.”
She also urged the EU to transparently disclose investigation results to enable other countries to rigorously assess whether similar risks are present in their infrastructure.