80 per cent of European inverters from China
Chinese manufacturers such as Huawei, Sungrow, Growatt and Goodwe dominate 80 per cent of the European market for smart inverters. In Germany, which was still market leader ten years ago, 8 out of 10 inverters now come from China. In Belgium and the Netherlands too, you mainly see Chinese brands.
That dominance became a security issue in May 2025 when American researchers discovered undocumented communications equipment in Chinese inverters. Small transmitters and mobile radios not listed in technical specifications can bypass firewalls and enable direct communication with China. The question is simple: if this occurs in the US, is it also in European installations?
Dutch hacker gains access to a million inverters
In 2022, a Dutch ethical hacker demonstrated the vulnerability. He gained access to a Chinese platform controlling a million installed inverters. The master administrator’s password was not secured. Only after eight months and intervention by the Dutch government via the Chinese embassy was the leak closed.
The Netherlands subsequently had nine inverters examined for cybersecurity. Not a single one met the minimum European security standards. In 2024, a Dutch hacker again gained access to a platform with four million inverters. Multiple security vulnerabilities were identified at a German and two Chinese manufacturers at the end of March 2024.
👀 Thousands to be controlled simultaneously
A Belgian installer demonstrated how he could control 4,500 inverters simultaneously from his office. “I can update them remotely, but also shut them down”, he showed. Not to do harm, but to show how vulnerable the system is. “If I can do that, then the chap in his ivory tower in China can obviously do it too.”
Three vulnerabilities
Security experts from Secura identified three attack routes on behalf of the Dutch government:
Cloud portals
Most people monitor their yield via online platforms. Hackers can gain access to thousands of installations at once through weak spots in these platforms.
Software exploits
Security vulnerabilities in inverter software provide direct access. A German inverter manufacturer reports that their installations are attacked weekly.
Hardware backdoors
Hidden components that bypass firewalls, as discovered in America. This hardware can be activated at any moment.
Secura warns that disruptions could cripple regional or national power supply.
Flanders has no overview
In Flanders, all inverters must be registered with Fluvius for technical inspection. This data is in databases, including brand, type and manufacturer. Yet there is no real ‘inventory’ available.
European responses divided
Lithuania already banned larger Chinese inverters and is considering extension to smaller models for private individuals.
Estonia: The head of the Foreign Intelligence Service called for a ban on Chinese inverters.
United Kingdom is conducting a review of Chinese renewable energy technology in the British energy system.
Netherlands tightened controls. The Telecom Agency launched an investigation into inverters following the hacking incidents. Industry organisations Holland Solar, NedZero, Energie Nederland and ESNL called on the House of Representatives for additional measures.
SolarPower Europe, the European interest organisation, expelled Chinese market leader Huawei from their organisation in March 2025. Huawei was an important sponsor, but after a European corruption scandal in which the company is suspected of bribing officials, the position became untenable.
New European legislation
From August 2024, wirelessly connected devices, including inverters, must comply with cybersecurity requirements under the Radio Equipment Directive. The Telecom Agency can remove devices that do not comply from the market.
The Netcode on Cybersecurity imposes binding requirements on entities that pose a risk to the European electricity grid. Important: these rules also apply to entities outside Europe that remotely control inverters on a large scale.
The NIS2 directive must be translated into Dutch and Belgian legislation. Industry organisations find the current implementation insufficiently focused on the energy sector.
SolarPower Europe demands that inverters be considered critical infrastructure with stricter security requirements. They warn that Chinese companies are bound by laws whereby they must support China’s state interests.
European alternatives
European manufacturers have a smaller market share, but offer more security. They are praised by their installers and consumers for their:
- Longer lifespan
- Reliable warranties
- Local support
- More transparent data security and firmware management
These brands are 20-40 per cent more expensive than Chinese alternatives. For an installation of 5,000 euros, that means a difference of 1,000-2,000 euros. But you reduce dependence on one production area and get better local support.
Offline configuration possible
Inverters can perform their basic function (converting current) without an internet connection. This completely eliminates external access.
❌ Disadvantage: no remote monitoring, no automatic updates.
✅ Advantage: nobody can shut down your system from outside.
What to do in case of power outage due to attack
If a large-scale attack hits the grid, your power supply will fail. Plug-in batteries help to a limited extent because they need electricity to charge.
More effective solutions:
- Portable solar panels with their own inverter that are not connected via the internet. These continue to work regardless of what happens to the grid.
- Generators running on petrol or diesel provide independent power supply for essential appliances.
- Home batteries that are pre-charged offer bridging for basic needs.
🧷 Discover also: 8 products that make your life easier during power outages
🧷 Discover also: 3 plug-and-play solar panels