Table of contents
Share Post

The Grid Is Getting Smarter—But Is It Getting Safer?

We don’t think about the power grid often.

Flip a switch, charge a phone, run a business—it just works. For over a century, electricity has been one of the most reliable systems in modern life. Quiet. Predictable. Invisible.

But that’s changing.

In this episode of Solar Coaster, we explore a shift that’s happening faster than most people realize: the electric grid is becoming digital, decentralized, and deeply connected.

And with that transformation comes a new reality:

The grid is no longer just infrastructure. It’s a network.

From Centralized Power to Distributed Everything

Traditionally, electricity flowed in one direction.

Massive power plants generated energy and pushed it downstream through transmission lines to homes and businesses. It was linear, controlled, and—most importantly—isolated.

Now, we’re entering a new era.

Rooftop solar panels, home batteries, and electric vehicles have turned millions of consumers into energy producers. This shift, known as distributed energy resources (DERs), is fundamentally changing how the grid operates.

Instead of a one-way system, we now have a multi-directional network where energy flows in real time between homes, businesses, and utilities.

It’s more efficient. More resilient. More sustainable.

But it’s also far more complex.

The Hidden Layer: Digital Connectivity

To manage this new level of complexity, the grid relies on constant communication.

Solar systems talk to inverters.
Inverters talk to utilities.
Utilities talk to grid operators.

All of it happens digitally. All of it happens in real time.

And all of it is connected to the internet.

That’s where things get interesting—and concerning.

Because once energy systems become digital systems, they inherit the same risks as any other connected technology.

They can be accessed.
They can be manipulated.
They can be attacked.

Why Inverters Matter More Than You Think

One of the most critical components in this new grid is the inverter.

At a basic level, inverters convert energy from solar panels into usable electricity for homes. But in today’s grid, their role is much bigger.

They regulate voltage.
They stabilize energy flow.
They help maintain grid balance.

In many ways, they act as the “decision-makers” of modern electricity systems.

And that makes them a target.

If compromised, inverters can be used to:

  • Disrupt voltage levels
  • Send power in unintended directions
  • Trigger cascading failures across the grid

This isn’t hypothetical. It’s already been demonstrated in real-world cyberattacks.

A Growing Threat Landscape

One of the most striking examples came in 2015, when attackers infiltrated Ukraine’s power grid and shut off electricity to hundreds of thousands of people.

It was a turning point.

It proved that digital access to energy systems could result in real-world consequences—immediate, physical, and widespread.

Since then, the threat has only grown.

Cyberattacks targeting utilities in the United States have increased significantly, highlighting the grid’s status as a high-value target.

And as more distributed energy devices come online, the number of potential entry points continues to expand.

The Security Gap

Here’s the challenge:

The energy transition is moving faster than cybersecurity standards.

Many solar and battery systems were designed with performance and cost in mind—not security. Features like encryption, authentication, and secure updates weren’t always prioritized.

As a result, millions of devices currently connected to the grid may not meet modern cybersecurity expectations.

It’s not that the industry ignored security—it’s that the importance of it has evolved dramatically.

What used to be an operational consideration is now a foundational requirement.

Security by Design: The Path Forward

The solution isn’t to slow down the energy transition. It’s to secure it.

That means adopting a “security by design” approach—building protections into systems from the very beginning.

This includes:

  • Strong authentication protocols
  • Encrypted communications
  • Secure software updates
  • Standardized security requirements

New frameworks, like UL 2941, are emerging to help define what “secure” looks like in a decentralized grid.

These standards provide a baseline for manufacturers, utilities, and developers—ensuring that connected energy devices meet consistent security expectations.

A New Definition of Energy Security

For decades, energy security was about physical assets—fuel supply, infrastructure, and access.

Today, it’s about something less visible but equally critical:

Code. Communication. Connectivity.

The grid is no longer just wires and transformers. It’s software, data, and digital interaction.

And protecting it requires a new mindset.

The Bigger Picture

The transition to renewable energy is one of the most important shifts of our time.

It promises cleaner air, greater resilience, and more control at the individual level.

But it also introduces new risks that we can’t afford to ignore.

As we build the grid of the future, we have an opportunity—and a responsibility—to build it right.

Because in a world where every home can generate power, every device becomes part of something bigger.

The question isn’t just whether the grid will evolve.

It’s whether it will evolve securely.

Sponsored by Sun Energy Today

This episode is sponsored by Sun Energy Today, a commercial solar and storage developer focused on MW-scale infrastructure and long-term energy resilience.

🌐 https://sunenergytoday.com/
💼 https://www.linkedin.com/in/atzael-herrera/

Listen to the Full Episode

🎧 Spotify: https://open.spotify.com/show/28LLOtNEQj8ZoCZJqVOa7o
🎧 Apple Podcasts: https://podcasts.apple.com/us/podcast/the-solar-coaster-podcast/id1832579656
🎧 Amazon Music: https://music.amazon.com/podcasts/342b84c9-ccb9-4cdb-99cc-ed6254503bfa/the-solar-coaster-podcast
🎧 iHeart Radio: https://iheart.com/podcast/292376116/
📺 YouTube: https://www.youtube.com/@solarcoasterbook

📖 Get the book:
https://www.amazon.com/dp/B0FSGKKV8X?psc=1&smid=A1Y53T3O3Q25L8&linkCode=sl1&tag=annacovert-20&linkId=1dfad38ae3d56078f509025bc52227db&language=en_US&ref_=as_li_ss_tl

⚠️ AI Transparency Notice: This episode uses AI-generated voice technology based on the real voices of Anna Covert and Alex Herrera. Both individuals have provided full knowledge and consent for their voices and likenesses to be used in this AI-produced episode. The insights shared reflect their real-world experience and professional viewpoints. This episode is clearly labeled as AI-assisted and is not intended to mislead viewers regarding identity or authorship.

Full Podcast Transcript:

The Solar Coaster Podcast Transcript

The Grid Is Getting Hacked: Solar & Cybersecurity Explained

Anna Covert: Think about the last time you walked into a dark room and flipped the light switch. It is such an automatic, thoughtless gesture. The light comes on, and you go about your day. We practically take it for granted as a fundamental law of nature. But behind that tiny piece of plastic on your wall is arguably the largest, most complex machine ever built by human hands—the electric grid. For over a century, it has been a relatively quiet, mechanical beast. But right now, at this very second, that beast is undergoing a radical, almost invisible mutation. It is waking up. It is getting smart. And as it connects to the digital world, it is leaving its back door wide open.

Alex Herrera: That is a chilling way to put it, but it is entirely accurate. We are living through a massive paradigm shift in how human beings generate and consume power. We are moving from a world of massive, isolated power plants to a decentralized web of millions of tiny power generators—rooftop solar panels, home battery walls, electric vehicles. It is a beautiful vision for a green, resilient future. But here is the catch that keeps cybersecurity experts awake at night: every single one of those new devices is a computer. And every computer connected to the internet can be hacked.

Anna Covert: Which fundamentally changes the stakes, doesn't it? We are no longer just talking about someone stealing your credit card information or locking up your laptop with ransomware. We are talking about hackers having the ability to reach through the internet and physically manipulate the electrical current flowing into our homes and cities.

Alex Herrera: Exactly. The digital realm is bleeding into the physical realm. To understand why this is so dangerous, we have to look at how the grid used to work. For most of its history, the power grid was like a massive river. You had a huge power plant at the source—maybe coal, maybe nuclear—generating electricity. That power flowed in one single direction, downstream through transmission lines, until it reached your neighborhood. The control systems for this river were entirely analog, locked inside secure, closed environments. You could not hack them from a basement halfway across the world because they simply were not connected to the outside world.

Anna Covert: It was a fortress. A physical fortress with thick walls and guards at the gate.

Alex Herrera: Precisely. But over the past decade, that one-way river has turned into a chaotic, multi-directional digital ocean. We are increasingly relying on what the industry calls Distributed Energy Resources, or DERs. If you have a solar panel on your roof, you aren't just consuming power anymore; you are generating it. On a sunny day, you are actually pushing electricity back into the grid. To manage this incredibly complex, two-way flow of energy, all these devices need to constantly talk to each other and to the central grid operators in real time. They rely on constant internet connectivity.

Anna Covert: So, we traded the impenetrable analog fortress for a hyper-connected digital web. I can see the benefits—it makes the grid more flexible, it helps us integrate renewable energy, and if one big power plant goes down, we have millions of smaller backups. But it sounds like we have essentially handed out millions of keys to the front door of our critical infrastructure.

Alex Herrera: That is exactly the trade-off we have made, and the vulnerabilities are not just theoretical. We have already seen what happens when the digital systems controlling our power grid are compromised. Let's look back at 2015 in Ukraine. Attackers managed to infiltrate the digital tools used by the operators of the power system. In the dead of winter, they systematically shut off electricity to hundreds of thousands of people. It was a watershed moment. It proved that exposed digital systems could be weaponized to cause immediate, freezing, real-world suffering.

Anna Covert: That is terrifying. And it's not just happening overseas, is it? The data shows a massive escalation right here at home. Between 2023 and 2024, cyberattacks targeting utilities in the United States spiked by 75 percent. It feels like the grid has become the ultimate high-value target for state-sponsored hackers and cybercriminals alike.

Alex Herrera: It has, because disrupting the power grid is the fastest way to paralyze a society. And as we add more of these distributed energy resources to the grid, the attack surface expands exponentially. Let's dive into the hardware for a second, because this is where the vulnerability really lies. Many of these local energy devices rely on something called an inverter.

Anna Covert: Right, inverter-based resources, or IBRs. I know they convert the direct current from a solar panel or a battery into the alternating current that our home appliances actually use. But they do more than just translate the power, don't they?

Alex Herrera: They do a lot more. In the modern grid, inverters are essentially the traffic cops of the electrical system. They actively regulate voltage, they adjust power output, and they help correct fluctuations on the network to keep everything stable. They are incredibly smart devices. But what happens if a hacker takes control of the traffic cop?

Anna Covert: I imagine the traffic quickly turns into a pile-up.

Alex Herrera: Worse than a pile-up. If the control settings on even a single compromised inverter are deliberately altered, it can trigger something called overvoltage. Imagine your home's electrical wiring is like a network of plumbing pipes. Overvoltage is like suddenly cranking the water pressure up to a level the pipes were never designed to handle. The pipes burst. In the electrical world, equipment gets fried, components are destroyed, and it can trigger a cascading failure that ripples outward across the grid.

Anna Covert: And I've also heard about something called backfeeding. What is that?

Alex Herrera: Backfeeding is when power is manipulated to flow in the wrong direction entirely. It can damage transformers and, horribly, it can be lethal to utility workers who think they are working on a dead power line, only to find out a hacked solar inverter two streets over is pumping high voltage directly into their hands.

Anna Covert: That puts a completely different spin on the idea of smart technology. We are projecting that renewable energy will supply nearly 45 percent of U.S. electricity by 2030. That is double what it is today. So we are rushing headlong into a future where the grid is almost entirely dependent on these inverters and distributed resources to stay stable. Why aren't these devices locked down like Fort Knox from the factory?

Alex Herrera: That is the million-dollar question, and it comes down to a massive lag in cybersecurity standards. For decades, the companies building solar inverters or home battery systems were focused on efficiency and cost. Features like strong digital authentication, encrypted data exchanges, or even the ability to receive regular software updates were viewed as unnecessary luxuries. They were building appliances, not critical infrastructure endpoints.

Anna Covert: So we have millions of devices sitting on the grid right now that are essentially operating on the honor system?

Alex Herrera: Essentially, yes. The existing cybersecurity standards we do have, like the NERC CIP standards, were designed for that old, centralized grid. They were written for massive, isolated power plants. They simply do not account for a world where millions of small devices are communicating over the public internet. Without uniform protections, even the routine, everyday communication between a utility company and a residential solar array becomes a potential weak point for a hacker to slip through.

Anna Covert: It is like we built a sprawling, futuristic city, but we completely forgot to install locks on any of the doors. So, how do we fix this? We obviously cannot go back to the analog days. We need decentralization to hit our climate goals and to build resilience against extreme weather. How do we close this massive security gap before someone exploits it on a national scale?

Alex Herrera: The answer lies in a concept called "security by design." We can no longer afford to treat cybersecurity as an afterthought, something you bolt onto a product after it is already installed. Strong protections—like mandatory authentication, rigorous authorization protocols, and end-to-end encryption—must be baked into the very silicon and software of these devices from the moment they are conceived on the drawing board.

Anna Covert: And who enforces that? Because if it is just a suggestion, manufacturers are going to keep cutting corners to keep their prices down.

Alex Herrera: That is where standardization comes into play. The energy sector is finally waking up to this, and we are seeing the emergence of frameworks designed specifically for this new era. A great example is UL 2941. It is a newly developed standard specifically focused on the cybersecurity of distributed energy and inverter-based resources.

Anna Covert: How exactly does a standard like UL 2941 change the game on the ground?

Alex Herrera: It provides a rigorous, scientifically proven framework to evaluate whether a device is actually secure before it ever touches the grid. It focuses heavily on those network-connected endpoint devices—the inverters, the battery controllers—that manage significant energy flows. The idea is to prevent a scenario where a hacker can compromise a thousand home batteries at once to create an aggregated, catastrophic shock to the local grid.

Anna Covert: So it creates a baseline of trust. If a utility company is going to allow a new solar farm or a neighborhood of smart homes to connect to their network, they can demand that all the equipment complies with this standard.

Alex Herrera: Exactly. It takes the guesswork out of it. Renewable energy providers can point to the standard to prove their gear is safe. Utilities gain the confidence that they aren't plugging a Trojan horse into their network. When security expectations are uniform across the entire industry, the whole system becomes infinitely harder to break.

Anna Covert: It strikes me that we are undergoing a profound philosophical shift in how we view energy. For a century, energy security was about physical things. It was about stockpiling coal, protecting oil pipelines, or guarding the perimeter of a nuclear plant. Now, energy security is invisible. It is lines of code. It is encryption keys. Cybersecurity is no longer just an IT problem for the utility company's back office; it is as fundamental to the physics of the grid as voltage regulation and frequency control.

Alex Herrera: That is a brilliant way to frame it. Protecting the digital components is now the exact same thing as keeping the lights on. You cannot separate the two anymore. And moving toward this secure future requires a massive, coordinated effort. We need manufacturers, utility companies, government regulators, and standards bodies all pulling in the exact same direction. If the security expectations vary wildly from state to state or from brand to brand, the entire interconnected system remains fragile.

Anna Covert: A chain is only as strong as its weakest link, and right now, our grid has millions of very new, very untested links.

Alex Herrera: And we have to forge those links stronger today. Ultimately, protecting the future of energy means recognizing that a connected, efficient, and green grid is entirely useless if it is not also a dependable and secure grid. We have to incorporate these cybersecurity measures into distributed technologies right now, as they are expanding. Because as history has shown us time and time again, the only effective time to address a vulnerability is before the attack occurs. Once the lights go out, it is already too late.

Anna Covert: It really forces you to look at the world differently. We are democratizing power generation, which is incredible. We are taking the power away from a few massive monopolies and putting it on the roofs of everyday people. But in democratizing the power, we have also democratized the risk. We are all active participants in the grid now, whether we realize it or not.

Alex Herrera: We are. Every smart thermostat, every electric vehicle plugged into a garage, every solar inverter is a node in the most vital network on earth. The resilience of our society now depends on the integrity of those tiny digital conversations happening millions of times a second all around us.

Anna Covert: It is a profound responsibility. The next time you walk into a room and flip that switch, take a moment to think about the invisible digital war being fought just to make sure that light comes on. The grid of the future is here, it is decentralized, and it is under constant siege. The question is, can we build the digital armor fast enough to protect it? Thank you for joining us on this deep dive into the hidden complexities of our modern world. Keep questioning the things you take for granted, and we will see you next time.

Stay in the loop

Subscribe to our free newsletter.

Related Articles