A growing number of solar panel installations in the Netherlands may be at risk, according to a recent report by the Rijksinspectie Digitale Infrastructuur (RDI). The report shows that many inverters, crucial components of these installations, do not meet standard security requirements. As a result, they can cause interference with other wireless devices and be vulnerable to hacking.
In 2021, the RDI launched an investigation into the compliance of solar panel inverters with regulatory requirements, specifically focusing on possible interference with other devices and their cybersecurity status. The study covered nine different inverters.
The results are sobering: none of the inverters examined were fully compliant. Five of the nine inverters tested were capable of causing failures. This can affect everyday devices such as radios or wireless tags for door access, which may malfunction or fail altogether. Even aviation and shipping could potentially be affected.
Even more worrying is the cybersecurity situation. None of the nine inverters met the cybersecurity standard, and this makes them susceptible to hacking, can be remotely disabled, used for DDoS attacks, or leaked personal and usage data.
In addition, none of the audited inverters meets administrative requirements. These requirements require, among other things, a consumer manual and the manufacturer's contact information in case there are questions or problems.
The RDI warns manufacturers producing faulty products to take appropriate action immediately. It advises manufacturers with substandard cybersecurity to upgrade their products for the new requirements that come into force on 1 August 2024.
Consumers are advised to purchase only inverters with a CE mark, indicating that the product is compliant. In addition, the RDI recommends being alert to faults and reporting them to the supplier. The RDI recommends securing inverters with strong passwords and regular updates to improve cybersecurity.