Securing the Invisible: Hidden Tech Threatens National Security
Seemingly inoffensive Chinese devices such as solar inverters and batteries may hide spying devices, a problem for security—and human rights.
June 2, 2025
Recent investigations have unveiled a disturbing reality: critical infrastructure equipment, particularly Chinese-manufactured solar inverters and batteries, may conceal rogue communication devices capable of undermining national and public security.
Reports by the Australian Strategic Policy Institute (ASPI), Reuters, and The Economic Times highlight the growing risk of hardware-based cyber intrusions in systems central to national power grids and public utilities.
These findings are not speculative. U.S. energy officials and cybersecurity analysts have discovered undocumented cellular radios and communication modules embedded within power inverters. These hidden components can bypass firewalls and operate without detection under conventional cybersecurity protocols. In the worst-case scenario, these devices could be remotely triggered to disrupt grid operations, steal data, or even act as launching points for broader cyberattacks. This adds a physical dimension to cybersecurity, requiring not only digital vigilance but also scrutiny of the hardware supply chain.
A deep analysis warns that physical equipment—just like software—can be turned into vectors for espionage or sabotage. The components in question may be capable of passive data gathering or active command-and-control operations. Since these rogue modules are not documented or listed in standard data sheets, their presence often goes unnoticed by importers, resellers, and even national regulators.
In response to this evolving threat landscape, governments must take decisive and multi-layered action. A foundational shift from software-centric protection to a zero-trust model that includes hardware is needed. Every device introduced into the national infrastructure must be treated as untrusted until verified. This can be achieved through cryptographic device attestation, runtime firmware integrity checks, and physical tamper detection systems embedded within mission-critical hardware.
Hidden IoT devices—micro cameras, microphones, and RF receivers—are typically small, low-cost, and low-power, making them easy to conceal in indoor environments for covert surveillance. These devices can be hidden in everyday objects or carried by individuals to record audio, video, or other sensitive information secretly. They may operate in two primary modes:
- Wireless Transmission: Some devices wirelessly transmit captured data (audio/video) to an external receiver.
- Local Storage: Others store the data locally (e.g., on an SD card) to avoid detection by network monitoring tools.
A key technical aspect is that all electronic devices, including hidden IoT devices, unintentionally emit electromagnetic (EM) waves, known as emanations, during their operation. These emanations are byproducts of the device’s internal clock and computational activities, and their patterns can be unique to each device’s hardware architecture. Even if the device is not actively transmitting data over a network, these EM emanations can still be detected.
Hidden IoT devices introduce several significant threats:
- Privacy Invasion: They can record private conversations, monitor daily activities, and collect sensitive information without consent.
- Corporate Espionage: In offices, they may be used to steal intellectual property, confidential business discussions, or employee data.
- Data Breaches: Devices with wireless capabilities can transmit stolen data to remote attackers, potentially leading to large-scale data breaches.
- Network Vulnerabilities: Even legitimate IoT devices, if compromised or poorly secured, can serve as entry points for attackers, enabling lateral movement within a network.
- Difficulty in Detection: Many hidden devices do not transmit data over the network and can operate in passive recording modes, making them invisible to traditional network-based security tools.
One detection method is passive EM emanation detection, as implemented by RFScan, a system that passively detects, fingerprints, and localizes hidden IoT devices by analyzing their unintentional EM emanations. The detection process involves:
- Spectrum Scanning: Continuously scanning a wide frequency range (e.g., 100 MHz to 1 GHz) to capture all possible emanations.
- Noise Floor Smoothing: Using median filtering to flatten the noise floor and improve the accuracy of spike (emanation) detection.
- Non-Coherent Averaging: Averaging multiple time sweeps to strengthen the weak emanation signals and suppress random noise.
- Signal Suppression: Subtracting baseline (known environment) EM signatures from current readings to remove ambient wireless signals and focus on new or suspicious emanations.
- Fingerprinting: Extracting frequency and time-based features from the detected emanations and using a deep neural network to identify the specific type of IoT device.
- Localization: Employing a directional antenna to determine the angle of arrival (AoA) of emanations and triangulating the device’s position within the room.
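The first four stages of that pipeline (sweep, median noise floor, non-coherent averaging, baseline subtraction) in miniature, as an added example that is not RFScan's code: the sweeps are constructed with a random noise floor, an assumed ambient carrier near 800 MHz that is also present in the clean-room baseline, and an assumed hidden-device clock harmonic near 480 MHz only 10 dB above the floor. A single sweep flags many noise spikes; after averaging 64 sweeps and subtracting the baseline, only the device bin remains.

```python
import random
from statistics import median

N_BINS = 512                      # bins across the 100 MHz - 1 GHz sweep
FREQ_START_MHZ = 100.0
BIN_MHZ = 900.0 / N_BINS          # ~1.76 MHz per bin (assumed resolution)

def freq_to_bin(mhz):
    return int(round((mhz - FREQ_START_MHZ) / BIN_MHZ))

def sweep(spikes, rng, floor_db=-90.0, noise_std_db=4.0):
    """One constructed sweep in dB: noisy floor plus narrowband peaks {bin: power_db}."""
    s = [floor_db + rng.gauss(0, noise_std_db) for _ in range(N_BINS)]
    for b, p in spikes.items():
        s[b] = max(s[b], p + rng.gauss(0, 1.0))
    return s

def average_sweeps(sweeps):
    """Non-coherent averaging: bin-wise mean power. Random noise shrinks with
    the number of sweeps while a steady clock emanation keeps its level."""
    n = len(sweeps)
    return [sum(s[i] for s in sweeps) / n for i in range(N_BINS)]

def smooth_floor(spectrum, window=31):
    """Running-median noise floor; isolated spikes do not move a median."""
    h = window // 2
    return [median(spectrum[max(0, i - h):i + h + 1]) for i in range(N_BINS)]

def detect(current, baseline, threshold_db=6.0):
    """Bins that stand above the smoothed floor AND above the known-clean
    baseline by threshold_db; the second test removes ambient transmitters."""
    floor = smooth_floor(current)
    return [i for i in range(N_BINS)
            if current[i] - floor[i] > threshold_db
            and current[i] - baseline[i] > threshold_db]

def run_demo(n_sweeps=64, seed=7):
    """Constructed scenario (values assumed): ambient carrier at 800 MHz / -50 dB
    in both baseline and current room; hidden device harmonic at 480 MHz / -80 dB."""
    rng = random.Random(seed)
    ambient = {freq_to_bin(800.0): -50.0}
    device_bin = freq_to_bin(480.0)
    baseline = average_sweeps([sweep(ambient, rng) for _ in range(n_sweeps)])
    current = [sweep({**ambient, device_bin: -80.0}, rng) for _ in range(n_sweeps)]
    return {"device_bin": device_bin,
            "single_sweep": detect(current[0], baseline),          # many noise spikes
            "averaged": detect(average_sweeps(current), baseline)}  # [device_bin]
```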
Traditional detection has limitations:
- Dedicated RF Detectors: Commonly used but require turning off all legitimate devices, and cannot distinguish between multiple sources.
- Sensor-Based Detection: Relies on visual cues (e.g., camera light indicators), which attackers can disable.
- Network Traffic Analysis: Ineffective if the device is not transmitting data or uses local storage only.
- Active Excitation Methods: Involve stimulating devices with external signals (e.g., light, RF), which can alert attackers and may not work on all device types.
Some practical considerations include:
- Detection Range: The strength of EM emanations decreases with distance and can be affected by shielding (plastic, metal) and multipath effects in indoor environments. RFScan demonstrated detection ranges up to 5 meters for some devices, but less for others.
- Multiple Devices: Devices with different clock frequencies can be detected and separated; however, devices with similar frequencies may be harder to distinguish simultaneously.
- Shielding: Covering devices with plastic or aluminum reduces emanation strength but does not eliminate it entirely, so detection remains possible unless the shielding is perfect.
What you can do to detect hidden IoT devices:
- Deploy Passive EM Detection Tools: Use advanced systems like RFScan to continuously monitor indoor environments for new or suspicious EM emanations without needing network access or device stimulation.
- Establish Baseline Profiles: Regularly scan and record the EM signature of your environment when it is known to be secure. This allows for more effective subtraction of ambient signals and identification of new devices.
- Use Directional Antennas: For precise localization, use directional antennas to scan for the angle of arrival of detected emanations and triangulate the device’s position.
- Regularly Update Detection Models: Continuously retrain fingerprinting models with new device profiles to improve recognition of emerging or unknown IoT devices.
- Physical Inspection: In addition to technical methods, visually inspect rooms for unusual objects, small holes, or seams that could conceal a device, and use RF detectors for a quick sweep.
- Shield Sensitive Areas: Consider using EM shielding materials in highly sensitive rooms to reduce the risk of undetected emanation-based surveillance.
Securing the hardware supply chain is an essential front. Governments should enforce mandatory independent security testing of imported devices before they are approved for integration into national systems. Technologies such as side-channel analysis, reverse engineering platforms, and X-ray imaging scanners can also be used to detect the presence of undocumented chips or communication modules. Tools like ChipWhisperer, an open-source hardware hacking toolset, and JTAG boundary-scan testing allow forensic-level inspection of microcontrollers and integrated circuits. Additionally, electromagnetic emission monitoring using devices like TEMPEST scanners can detect covert transmissions or abnormal signal behavior.
Regulatory frameworks must evolve to keep pace. Governments should implement hardware security standards that require manufacturers to provide full component documentation and submit their products for independent verification. Compliance must be strictly enforced, with significant penalties for violations or obfuscation.
A longer-term strategic countermeasure involves reducing dependency on foreign-manufactured critical components. States can increase supply chain transparency and reduce exposure to foreign-manufactured threats by investing in domestic semiconductor and power infrastructure manufacturing.
International collaboration also plays a crucial role. Shared intelligence, multinational testing labs, and harmonized security protocols can create a cooperative global front against hardware-based intrusions. The coordination of cyber-defense initiatives through international alliances can bolster national resilience.
The discovery of rogue communication devices in solar infrastructure is not an isolated incident but a symptom of a deeper vulnerability in how nations approach infrastructure security. It demands a reevaluation of trust, procurement, and detection mechanisms. National and public security in the digital age must be anchored in both bytes and bolts—equally protecting against invisible code and circuits. Only a comprehensive, technology-informed, and globally coordinated approach can ensure the resilience of modern infrastructure against these emerging threats.
The proliferation of concealed Internet-of-Things (IoT) devices poses a significant threat to freedom, democracy, and human rights worldwide. These devices can covertly monitor individuals’ private activities, conversations, and even religious practices, often without their knowledge or consent.
Their deployment enables pervasive surveillance, undermining the right to privacy and creating an environment of constant monitoring, leading to self-censorship and a chilling effect on free expression and assembly. In authoritarian contexts, such technologies are frequently used to target dissidents, journalists, and religious minorities, restricting their ability to organize, worship, or express their beliefs freely.
The ability of hidden IoT devices to collect sensitive information facilitates profiling and discrimination. When used by state or non-state actors, these tools can be weaponized to suppress dissent and limit religious freedom, ultimately eroding the foundations of open, democratic societies.
Source: bitterwinter.org