Recent reports of an alleged “kill switch” embedded in Chinese-manufactured power inverters have reignited global conversations about cyber risk, supply chain vulnerabilities and geopolitical dependencies in the Operational Technology (OT) ecosystem.
Wake Up Call for OT Security?
Inarguably, the clean energy sector is experiencing rapid expansion as the world tries to combat climate change and transition to sustainable energy sources. The global supply of critical minerals essential for clean energy technologies is increasingly concentrated: in 2024 the top three producers accounted for 86% of the market share for key materials such as copper, lithium, cobalt, graphite and rare earth elements [1]. China is a leading refiner for 19 of 20 strategic minerals, with an average market share of 75%, and also leads the world in solar photovoltaic (PV) production.
It is quite common for Industrial Control System (ICS) vendors (e.g. turbine vendors in the wind energy sector) to have, or to seek, remote management access to the operational environment. This access allows vendors to provide essential support services such as performance monitoring, firmware updates, diagnostics, troubleshooting and predictive maintenance. However, such access must be clearly documented in the contracts and known to the owner-operators, because it introduces a significant cybersecurity risk: a vendor path into the OT network is also a path for anyone who compromises the vendor.
In May 2025, it was reported that U.S. energy researchers had identified undocumented rogue communication devices in solar inverters that could allow unauthorized remote access to the underlying infrastructure. The researchers were not named, the vendors were not identified in the reporting and no government has acknowledged the discoveries, so there is still a lot of ambiguity around this topic. Even so, it highlights some fundamental supply chain concerns in ICS, and it is not an isolated anomaly. Hardware and software components that arrive with opaque firmware or source code, or with unmanaged open-source software, pose systemic risks to the operational resilience of critical infrastructure.
These supply chain risks are not new. As of May 2025, several countries have banned or significantly restricted Huawei's and ZTE’s involvement in their 5G, government and military networks, primarily on national security grounds. In 2023, the UK's National Grid began removing components supplied by NR Electric UK, a subsidiary of a Chinese state-owned technology company, from the transmission network due to security concerns.
Unlike traditional power plants, which are centralized and therefore easier to secure physically and logically, renewable energy installations are spread across large geographic areas, creating a much wider attack surface. With the astronomical growth of clean energy initiatives over the last decade, the operational continuity and resilience of this infrastructure is becoming critical for many essential services. The situation is aggravated by the lack of enforcement of uniform OT security standards, especially in the fast-moving, cost-competitive clean energy sector.
Supply Chain Vulnerabilities and Vendor Influence
Many clean energy system components are sourced from countries with differing regulatory standards that may hold adversarial geopolitical positions. ICS / OT systems depend on vendor-owned proprietary technology, which introduces the following key risks:
- Undocumented or Unmanaged Components – Hardware or software components that the owner-operator does not know about cannot be patched, monitored or segmented, so any vulnerabilities, backdoors or malware they carry can go undetected until exploited. This raises the risk of supply chain attacks and unauthorized access to critical systems.
- Firmware Backdoors and Update Control – Components may ship with undisclosed functionality or backdoors, and vendors may use undisclosed access to push firmware updates that alter system behavior without the owner-operator's knowledge or approval.
- Data Sovereignty – Systems may transmit sensitive operational data (telemetry, configuration, production figures) to vendor or third-party infrastructure without the approval or knowledge of owner-operators.
Such scenarios lead to supply chain compromises, a tactic that nation-state actors have increasingly used.
What is Needed?
Addressing these risks requires a multi-layered approach involving focus on people, processes and technology:
1) Enhanced Vendor Due Diligence
Before procuring any system, the organization must clearly define its procurement controls:
- Policies and standards for sourcing products and systems from foreign markets. These must consider geopolitical factors, not just cost or performance.
- ICS vendor contract terms that require:
- A Software Bill of Materials (SBOM) and Hardware Bill of Materials (HBOM) delivered with the system, and updated copies whenever major changes are made. An SBOM or HBOM is a comprehensive, machine-readable list of the components used in a system, so that the owner-operator can verify what was delivered and track vulnerabilities in those components over time.
- The right to have the products tested and audited by a third party.
- Strict requirements and mechanisms for remote access: owner-initiated, time-bound sessions through the owner-operator's access gateway, with multi-factor authentication and full session logging, rather than a standing vendor connection.
In 2009, the U.S. Department of Homeland Security (DHS), in collaboration with the Department of Energy (DOE), released the Cyber Security Procurement Language for Control Systems [2]. This document provides security principles and sample contract language to help organizations integrate cybersecurity requirements when procuring industrial control systems and related services, and it clearly sets out expectations of transparency and disclosure.
The topic of BOM, ever since, has been re-emphasized in several regulatory standards and guidelines:
- U.S. Executive Order 14028 (2021) – Directed the Department of Commerce (through NTIA) to publish the minimum elements of an SBOM and NIST to issue software supply chain security guidance, including that vendors provide an SBOM for software sold to federal agencies.
- U.S. Department of Energy – Cybersecurity Capability Maturity Model (C2M2) encourages maintaining inventories of system components and software.
- ISA/IEC 62443-2-4 (requirements for IACS service providers) and 62443-4-1 (secure product development lifecycle) – Provide requirements for component transparency, identification of software for change management and vulnerability management.
- NIS2 Directive and Cyber Resilience Act (CRA) – Both emphasize supply chain risk management and component transparency; the CRA explicitly requires manufacturers of products with digital elements to produce an SBOM, which in practice makes SBOM and HBOM maintenance a compliance necessity.
2) During System Design: Network Segmentation and Monitoring
Design and implement strict network segmentation between IT, cloud, internet and OT environments, so that field devices such as inverters and controllers can only reach the hosts and protocols they need (for example, the SCADA master and an owner-controlled remote-access gateway). Deploy OT Intrusion Detection Systems (IDS) and, where the platform supports it, endpoint protection tools that provide real-time threat and anomaly detection. Baseline the expected communications of each component, and alert on any traffic a component initiates outside that baseline, especially direct egress to the internet, because that is exactly the pattern an undocumented communication channel would produce.
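The baseline-and-alert idea above, as an added example that is not code from the original article: it parses Zeek-style conn.log records (the six records are constructed for the example) and reports every connection initiated from the field network that is not in an allowlist. The network ranges, the SCADA master and vendor jump-host addresses and the allowed ports are assumptions, not values from the page.

```python
"""Flag OT field devices that initiate connections outside an approved baseline.

Added example: parses Zeek-style conn.log records (constructed here) and
reports any connection from the field network that is not in the allowlist.
Network ranges, ports and hosts are assumptions, not from the article.
"""
import ipaddress
from dataclasses import dataclass
from typing import List

# Constructed sample data in Zeek conn.log column order:
# ts, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto, service
SAMPLE_CONN_LOG = """\
1716300000.10\t10.20.3.11\t50123\t10.10.1.5\t502\ttcp\tmodbus
1716300001.22\t10.20.3.11\t50124\t10.10.2.10\t443\ttcp\tssl
1716300002.05\t10.20.3.12\t49001\t203.0.113.45\t443\ttcp\tssl
1716300003.70\t10.20.3.12\t49002\t198.51.100.9\t53\tudp\tdns
1716300004.11\t10.20.3.13\t50200\t10.10.1.5\t502\ttcp\tmodbus
1716300005.90\t10.20.3.13\t50201\t10.10.1.5\t22\ttcp\tssh
"""

# Assumed zone model: inverters/field controllers live in OT_NETWORK and may
# only initiate Modbus/TCP to the SCADA master and TLS to the vendor jump host.
OT_NETWORK = ipaddress.ip_network("10.20.0.0/16")
# "Internal" is defined by the site's own ranges rather than ip.is_global(),
# so the documentation addresses used in the sample count as external.
INTERNAL_NETWORKS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ALLOWED_FLOWS = {
    (ipaddress.ip_address("10.10.1.5"), 502, "tcp"),   # SCADA master, Modbus/TCP
    (ipaddress.ip_address("10.10.2.10"), 443, "tcp"),  # vendor remote-access jump host
}


@dataclass(frozen=True)
class Finding:
    ts: float
    src: str
    dst: str
    dport: int
    proto: str
    reason: str


def _is_internal(addr: ipaddress.IPv4Address) -> bool:
    return any(addr in net for net in INTERNAL_NETWORKS)


def find_violations(conn_log: str) -> List[Finding]:
    """Return one Finding per field-device-initiated connection that violates the baseline."""
    findings = []
    for line in conn_log.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, _sport, dst, dport, proto, _service = line.split("\t")
        src_ip, dst_ip, dport = ipaddress.ip_address(src), ipaddress.ip_address(dst), int(dport)
        if src_ip not in OT_NETWORK:
            continue  # only connections *initiated by* field devices are in scope
        if (dst_ip, dport, proto) in ALLOWED_FLOWS:
            continue
        # Direct egress to a non-internal address is the "phones home" pattern
        # an undocumented communication channel would produce.
        if not _is_internal(dst_ip):
            reason = "external egress from OT zone"
        else:
            reason = "destination/port not in OT baseline"
        findings.append(Finding(float(ts), src, dst, dport, proto, reason))
    return findings


if __name__ == "__main__":
    for f in find_violations(SAMPLE_CONN_LOG):
        print(f"{f.ts:.2f} {f.src} -> {f.dst}:{f.dport}/{f.proto}  {f.reason}")
```

On the sample data, the two connections from 10.20.3.12 to external addresses (TLS and DNS) and the SSH attempt from 10.20.3.13 to the SCADA master are reported; the Modbus and jump-host sessions are silent. In production the allowlist would be generated from the documented interface list and the monitoring would run on the OT IDS rather than on exported logs, but the decision logic is the same.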
3) Product Testing
Thorough testing of the systems should be conducted before go-live:
- Perform visual inspection: open all enclosures and validate the internal components against the official HBOM or vendor documentation. Flag unexplained parts, and any radio or modem module not listed in the HBOM, for hardware penetration testing and forensic analysis.
- Conduct thorough vulnerability assessment and penetration testing of the system during factory acceptance testing (FAT) or site acceptance testing (SAT), including a review of the unpacked firmware against the SBOM.
- Survey the radio spectrum around the powered-on system, using a spectrum analyzer or software-defined radio, to identify undocumented wireless communication channels. A device that is documented as wired-only but emits on cellular, Wi-Fi or other bands has an undocumented path out of the segmented network.
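The HBOM/SBOM reconciliation that the contract terms in section 1 and the inspection steps above both depend on, as an added example not taken from the article: it compares a vendor-supplied CycloneDX-style BOM (simplified to the fields used here) against what inspection and a firmware unpack actually found, and reports undeclared components, declared-but-absent components and version mismatches. The BOM contents, component names and the observed inventory are all constructed for the example.

```python
"""Reconcile an observed component inventory against the vendor's HBOM/SBOM.

Added example; the BOM content and the observed inventory are constructed,
and the CycloneDX-like JSON shape is simplified to the fields used here.
"""
import json
from typing import Dict, List, Tuple

Component = Tuple[str, str]  # (type, name)

# Constructed vendor BOM in a simplified CycloneDX layout.
VENDOR_BOM_JSON = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "device", "name": "MCU-CTRL", "version": "rev C"},
        {"type": "device", "name": "ETH-PHY", "version": "1.2"},
        {"type": "device", "name": "WIFI-MOD", "version": "2.0"},
        {"type": "firmware", "name": "inverter-fw", "version": "4.1.7"},
        {"type": "library", "name": "mbedtls", "version": "2.28.3"},
    ],
})

# Constructed: what opening the enclosure and unpacking the firmware showed.
# The declared Wi-Fi module is absent, an undeclared radio module is present,
# and the bundled TLS library is not the version the SBOM claims.
OBSERVED_INVENTORY: List[Tuple[str, str, str]] = [
    ("device", "MCU-CTRL", "rev C"),
    ("device", "ETH-PHY", "1.2"),
    ("device", "CELL-MODEM", "unknown"),
    ("firmware", "inverter-fw", "4.1.7"),
    ("library", "mbedtls", "2.16.0"),
]


def reconcile(bom_json: str, observed: List[Tuple[str, str, str]]) -> Dict[str, list]:
    """Diff the declared BOM against the observed (type, name, version) inventory."""
    bom = json.loads(bom_json)
    declared: Dict[Component, str] = {
        (c["type"], c["name"]): c.get("version", "") for c in bom.get("components", [])
    }
    seen: Dict[Component, str] = {(t, n): v for t, n, v in observed}
    return {
        # Present on the board or in the firmware but not in the vendor's BOM.
        "undeclared": sorted(k for k in seen if k not in declared),
        # Declared by the vendor but not found; the documentation is wrong either way.
        "missing": sorted(k for k in declared if k not in seen),
        # Same component, different version: the SBOM cannot be trusted for patch tracking.
        "version_mismatch": sorted(
            (k, declared[k], seen[k]) for k in seen if k in declared and seen[k] != declared[k]
        ),
    }


def acceptance_passes(report: Dict[str, list]) -> bool:
    """Any discrepancy blocks acceptance until the vendor explains it in writing."""
    return not any(report[key] for key in ("undeclared", "missing", "version_mismatch"))


if __name__ == "__main__":
    result = reconcile(VENDOR_BOM_JSON, OBSERVED_INVENTORY)
    for key, items in result.items():
        print(f"{key}: {items}")
    print("acceptance:", "PASS" if acceptance_passes(result) else "BLOCKED")
```

The undeclared radio module is the finding that matters most: an undocumented communication device is exactly what segmentation and monitoring are designed to contain, and it cannot be contained if nobody knows it is there. The version mismatch matters too, because vulnerability management based on the SBOM will otherwise track the wrong version of the TLS library.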
4) Resilience Planning
Prepare for worst-case scenarios through tailored incident response plans and resilience exercises (business continuity and disaster recovery). The plans should assume that vendor connectivity, firmware updates or even the installed devices themselves may have to be cut off at short notice, and should establish how the systems can keep operating, or be recovered, in that degraded state.
Conclusion
Clean energy is the backbone of a decarbonized future, but sustainability without security is a false promise. As nations invest billions into solar farms, wind turbines, smart grids and EV infrastructure, they must not overlook the silent vulnerabilities introduced by insecure OT systems and foreign-controlled supply chains. Governments have taken several steps to emphasize and mandate the requirements, but more is needed. ICS vendors globally must adhere to strict certification and standards so that owner-operators get the transparency they need to maintain a safe and reliable operational environment. The reported “kill switch” in Chinese inverters is a warning. It isn’t too late to do the right thing: building secure and transparent OT infrastructure that can withstand both technological advancement and geopolitical change. Finally, it is a fallacy to assume that systems are secure by default; owner-operators must maintain high vigilance. Comprehensive coordination between Enterprise Risk Management (ERM), procurement, operations and cybersecurity teams is essential to strengthening the cybersecurity posture of critical infrastructure and OT systems.
If your organization relies on ICS, now is the time to act. Our team can help you assess your OT environment, identify hidden risks and implement practical, standard-aligned strategies to strengthen your cybersecurity posture. Contact us today to evaluate your OT security and ensure your infrastructure is not only sustainable—but secure.
Discover Our OT Security Services
Sources:
[1] Report: World's supply of critical minerals for clean energy is concentrated in fewer countries | AP News
[2] Cyber Security Procurement Language for Control Systems