One of the world’s leading rooftop solar inverter makers has responded to Coalition claims that China made inverters pose a serious security risk to Australia and its energy grid, from “potentially catastrophic cyber attacks.”
In an email sent to RenewEconomy on Thursday evening, Shanghai stock exchange-listed inverter maker GoodWe said it “stands resolute” in its commitment to data security and cybersecurity.
“GoodWe …is deeply committed to data security and upholding the highest standards of cybersecurity in our products and operations,” the statement says.
“In light of recent concerns raised regarding the security risks associated with smart inverters and Chinese ownership in Australia’s energy sector, we would like to assure our customers, partners, and consumers that we take these matters with utmost seriousness.
“Transparency and compliance are core to our corporate values. We adhere to all applicable laws and regulations both in China and in other countries where our products are distributed,” the statement says.
“Our company operates independently, free from external influence, and we can assure our customers that our smart inverters are manufactured with the highest standards of data security in mind.”
The comments follow the claims from opposition home affairs and cyber security spokesperson James Paterson that Australia’s reliance on China made solar inverters has resulted in a grid “riddled with exploitable cyber security vulnerabilities” – a situation he says is being exacerbated by federal Labor’s “rush to renewable energy.”
“Smart inverters are internet-connected devices that can be controlled remotely over the internet, and are overwhelmingly supplied by manufacturers with links to the Chinese Communist Party,” he said.
A “fact sheet” accompanying Paterson’s press release provides a list of “smart inverter manufacturers with links to the CCP [China Communist Party] …including but not limited to Sungrow, GoodWe and Huawei.”
“Experts have said that the real danger point comes when these products reach a critical mass, when they reach a significant proportion of our rooftop solar and therefore a significant proportion of our electricity grid,” Paterson told Sky News last Friday.
“And then that could be disrupted by an external party, by a signals intelligence agency like the People’s Liberation Army’s cyberspace force or the Ministry of State Security cyber hacking unit.
“And that could not just damage those inverters and that source of power, it could actually do damage to our grid as a whole and take our whole grid offline.”
Paterson – a former fellow of the fossil fuel funded lobby group, the Institute of Public Affairs – is virulent anti-renewables and, like many of his Coalition partners, pro nuclear.
Nevertheless, his concern about solar cyber security is not entirely off-base. It is well understood by governments, regulators and industry that smart inverters are vulnerable to cyber attacks, by virtue of their being connected to the public internet – that is, they can be hacked and used for nefarious purposes, like other such consumer devices.
Other parts of Paterson’s claims are debatable, however, including how imminent this threat is, how much the Labor government is to blame for it, and how China-specific it might be.
According to Grace Young – chief innovation officer at WattWatchers and one of the experts cited in Paterson’s “fact sheet” – she “cannot agree” with a number of the Victorian Liberal MP’s claims.
“Cyber security in this space is a concern,” Young told RenewEconomy on Monday, having the previous week given a presentation on the subject at the EnergyNext conference in Sydney.
“We need to consider policy and protections against the sorts of threats that we’re seeing and can foresee, but it’s not something that should be stopping progress towards renewables.
“We are looking at mandated control mechanisms for solar over the next 18 months or so across the eastern seaboard – we’re not looking at an imminent threat.”
On China, Young told RenewEconomy that even if we took the “I would say, illogical” step of immediately banning all Chinese inverters, the same security issue remains.
“We need to focus on that,” she tells RenewEconomy. “It’s got nothing to do with a specific country …it’s a whole bunch of different things, and that [particular cyber security threat] could come from anywhere.”
For its part, GoodWe is keen to assure that it will not use its market position to spy on household energy data or to launch a cyber attack.
“GoodWe stands resolute in our commitment to data security and cybersecurity,” says CEO and founder Huan Min.
“Our global presence, local contributions, and unwavering transparency reflect our mission to empower individuals and businesses with efficient and secure energy solutions.”
