The expansion of solar energy in Lithuania is advancing towards the country’s strategic goals. In summer 2025, the number of prosumers exceeded 150,000, with growth since January surpassing 20 percent. Cyberattack numbers have increased even more rapidly in recent years. A recent US study identified vulnerabilities in solar power system software and highlighted cyberattacks already affecting Lithuania.
Joshua Murphy: “Germany offers battery revenues, but CEE is building the pipeline”
Lithuania’s National Cyber Security Center registered nearly 3,900 cyber incidents in 2024, 63 percent more than in 2023. The hacker group “Just Evil” attempted to access solar power monitoring systems last autumn. Ignitis Group reported the incident as minor, with no disruption to electricity generation. ForeScout experts noted that solar power systems are attracting hackers, particularly in Europe, where smart monitoring and control systems are widespread alongside growing energy storage capacity.
The ForeScout report cited severe power outages in Spain and Portugal in April 2025. Disruptions affected train services, airport operations, mobile networks, internet and payment systems. The event triggered debate on supply security and the need to strengthen grid infrastructure and cybersecurity during the energy transition.
Solar equipment shows multiple vulnerabilities
Experts note that solar devices are increasingly entering homes and businesses with low cybersecurity standards and limited risk awareness. As a result, threats are multiplying without adequate safeguards. In May 2025, a US research team analysed devices from 42 manufacturers and identified 35,000 unprotected control interfaces on inverters, access points, data loggers and monitoring systems. Manufacturers were notified of the vulnerabilities identified.
Solar Macedonia president: “Quality standards are key to sector growth”
The study covered products from Huawei, Sungrow, Ginlong Solis, Growatt, GoodWe and SMA. Components from Sungrow, Growatt and SMA showed a total of 46 vulnerabilities. ForeScout analysts stated that these could be exploited to control energy production or smart home devices, posing risks to user privacy and grid stability in large-scale attacks.
Japan provides an example: hackers targeted Contec’s SolarView Compact remote monitoring system, compromising 800 devices to gain access to bank accounts. Despite alerts to update the software, thousands remained unprotected a year later.
Lithuania restricting system access
Most solar power systems used in Lithuania are designed and manufactured abroad. The market is largely dominated by Chinese manufacturers and their products. According to the Ministry of Energy, Lithuania operates more than 1,000 solar and wind parks with capacities above 100 kW, as well as several battery systems of comparable size. Some of these rely on Chinese-made, remotely controlled management systems. The lower cost of Chinese technology has been one of the key drivers of its widespread adoption in the market.
Prof. Malka: Solar is key to Albania’s hydropower challenge
Acknowledging this, Lithuania has abandoned the idea of a complete ban on the use of Chinese equipment in solar and wind parks. However, since May this year, companies from China and other countries deemed a threat to national security have been barred from accessing or remotely controlling the management systems of solar and wind parks and battery facilities with capacities above 100 kW.
Operators of power plants in Lithuania are now required to implement additional safeguards to strengthen cybersecurity. The concern is that hostile states could exploit such equipment remotely to disrupt system operation and stability. China is listed among the countries identified in Lithuania’s National Security Strategy as a threat to national security and national interests.
Protecting the energy sector – a matter of national security
In May 2025, Reuters reported on an investigation that identified suspicious communication devices embedded in photovoltaic inverters manufactured in China and deployed in the United States. Information from the Department of Energy prompted the U.S. and other governments to assess more closely the potential impact of remotely disabling such inverters. More than a year ago, the FBI issued a notice to U.S. energy companies warning of growing cyber threats to the renewable energy sector.
Serbia – new market rules support solar expansion
Following this warning, ForeScout’s research division, Vedere Labs, outlined several recommendations in its report for managers and operators of solar and wind parks, including measures to ensure that inverter control interfaces are not accessible online. Risks can also be reduced through a structured software update strategy and ongoing maintenance carried out by specialised firms with the necessary expertise.
The report’s authors also advise organisations to update monitoring and remote control systems as soon as possible and to compile a list of systems that cannot be updated. They recommend evaluating whether such outdated solutions should be replaced. (mg)
Author: Dr Robertas Janickas, Chief Technology Officer at Inion Software. Edited by Manfred Gorgus, senior editor at pv europe.
