Lithuania’s grid operators can now disconnect solar plants without cybersecurity measures - pv magazine Global

While Lithuania’s heightened cybersecurity laws are helping solar plants larger than 100 kW become more secure, some owners have faced increased costs and a waiting list to fully implement the new measures.

Grid operators in Lithuania can now disconnect solar power plants from the grid that are not compliant with cybersecurity measures now in force.

Lithuania first announced plans to tighten its cybersecurity laws in November 2024 by passing legislation that blocked Chinese manufacturers from remotely accessing the country’s solar, storage and wind facilities.

The legislation, applicable to plants and devices with capacities in excess of 100 kW, was brought into effect for new projects on May 1, 2025, with existing sites given until June 1 this year to comply. It requires project owners to comply with cybersecurity requirements spanning multi-factor authentication, secure communications, supply-chain security controls, incident reporting procedures, and physical security, as well as imposing restrictions on remote access. Plant owners must subsequently pass an audit demonstrating compliance.

Lithuanian green energy technology company Inion Software says it has worked with and assessed numerous solar, wind and battery projects across Lithuania as operators prepared for the new rules.