According to the Dutch regulator for digital infrastructure, many inverters do not meet safety requirements. For example, they can cause interference with other wireless devices and are relatively easy to hack.

The Dutch government is very concerned about a large part of the solar panel inverters on the (Dutch) market. This is what the National Regulatory Authority for Digital Infrastructure (RDI) writes on its website. An investigation by the government department that started in 2021 shows that many inverters do not meet the legal safety requirements. As a result, they can cause malfunctions or are easily hackable. The Rijksdienst examined nine inverters and none of them seemed to meet all the requirements.

disturbances

Five of the nine inverters were found to be capable of causing interference that could cause everyday applications such as radios or wireless tags to malfunction. According to the service, even aviation and shipping could be affected. In the field of cybersecurity, researchers saw an even more troubling picture. None of the inverters met the standard, so they were easy to hack. They can therefore be used for DDoS attacks. That’s not so far-fetched: the much-discussed Mirai botnet could do major damage through DDoS attacks carried out using all sorts of easily hackable smart devices. Personal and usage data can also be stolen via the inverters.

None of the inverters meet the official requirements. For example, they must be provided with an instruction manual in order to use the product properly. At the same time, the manufacturer must make his address data public so that the customer can contact him with questions or problems. Because these manufacturers are legally obliged to take appropriate measures in the event of a disruption to prevent them from bringing even more disruptive products onto the market.

Advice for manufacturers and consumers

The Rijksdienst recommends manufacturers of products with insufficient security to adapt the devices. From August 1, 2024, the cyber security requirements will apply. The research results allow the manufacturers of the inverters to take the necessary measures so that from that moment onwards they comply with all the strict safety measures.

The customer is also advised. For example, the government agency requires that only inverters that have a CE mark be purchased and installed. Without this marking, the inverter does not meet the requirements. The RDI asks consumers to be aware of disruptions and report them to the supplier immediately. To increase cyber security, the RDI recommends, among other things, securing solar inverters with strong passwords and carrying out regular updates.