Skip to main content
close search
site logo
Sponsored

Rising cyber threats and supply chain security concerns drive utilities to rethink communications infrastructure

Published Sept. 29, 2025
Rising cyber threats and supply chain security concerns drive utilities to rethink communications infrastructure

stock.adobe.com/peterschreiber.media

Utilities are striving to modernize their grid assets and adapt to an increasingly digital world. And communications infrastructure plays a crucial role in the success of these efforts. Every new investment, from integrating distributed energy resources (DERs) to deploying smart meters and other Internet of Things (IoT) equipment, depends on having reliable and secure connectivity.

A safe and dependable network enables field technicians to work efficiently, supports real-time decision-making during severe weather and ultimately determines how effectively utilities can respond to threats to infrastructure and operations, including cyber threats. In this article, we’ll explore the major obstacles utilities face and how building secure communications networks with strategically sourced components helps overcome them.

Utilities face growing risks and challenges

For many years, the biggest threat to the U.S. grid was outdated infrastructure. While aging assets remain a top concern for utilities, the last several years have given rise to numerous other threats that utility leaders must contend with — threats that are interconnected and amplify each other's impact on operations.

Cyberattacks target IT infrastructure and operational networks

Bad actors view utilities as high-value targets because disruption has both economic and public safety implications. With cyberattacks on utilities increasing 70% in 2024, utility IT departments are under intense pressure to secure not just traditional enterprise systems, but also the growing network of connected field devices.

The IT challenge extends far beyond perimeter security. Modern utility networks create thousands of potential attack vectors through IoT endpoints, communication modules and edge devices that often lack robust built-in security features. IT teams must now manage cybersecurity across operational technology (OT) environments they may not have traditionally overseen. This requires new expertise in industrial protocols, field device management and real-time system monitoring.

These security concerns are further amplified by escalating geopolitical tensions, which have not only contributed to the rise in state-sponsored cyberattacks but also raised concerns about embedded software backdoors and remote control capabilities in edge devices.

Geopolitical tensions disrupting supply chains

Sourcing is fast becoming a critical concern for the utility sector as tense trade relationships disrupt longstanding supply chains. The growing concern is also about the potential for foreign adversaries to enable remote access over critical infrastructure through embedded communication devices. 

The U.S. Department of Defense maintains a list of "Chinese military companies" under Section 1260H of the National Defense Authorization Act, recently adding a major cellular module supplier. This expands DoD oversight beyond core network equipment to include modems and modules embedded in critical applications. The House Select Committee on the Chinese Communist Party has raised concerns with the FCC about Chinese cellular modules in American IoT devices, potentially signaling broader regulatory attention to these components. Meanwhile, CISA, NSA and FBI have jointly warned critical infrastructure operators that PRC state-sponsored cyber actors are pre-positioning themselves on IT networks for potential attacks against U.S. critical infrastructure. 

This regulatory shift reflects growing recognition that communication devices sourced from certain foreign vendors may represent potential backdoors that could be activated to disrupt critical services during periods of geopolitical tension, requiring utilities to implement more rigorous vendor vetting and risk assessment processes.

Why utilities need a strategic approach

Utilities can no longer treat communications as a simple IT and OT line item. Utility operators must develop a strategic, long-term view of how these networks are sourced, deployed and secured. 

“Who the company is behind the equipment has taken on a much higher emphasis,” says Greg Hill, director of product management at Semtech, formerly Sierra Wireless, a provider of mission-critical wireless networking solutions. “Utilities now have to look at where endpoint devices come from, where they’re manufactured and what components they use, including source code origins.” 

For IT departments, this means implementing comprehensive security protocols that evaluate not just device functionality but also the supplier behind it.

The goal for utilities has become clear: Establish a secure communications infrastructure that can not only withstand threats such as cyberattacks and severe weather but also tolerate future scrutiny in a fluctuating regulatory environment. 

A path forward for building resilient utility communications

Utilities looking to future-proof their communications infrastructure are responding by making communications equipment from trusted suppliers a strategic priority. Purchasing solutions that are sourced from allied nations and meet national procurement and security guidelines, such as the Trade Agreements Act (TAA) or Section 1260H of the National Defense Authorization Act (NDAA), will help utilities build a foundation for long-term cybersecurity and resilience. 

Solutions developed and manufactured in controlled environments by trusted suppliers provide utilities with greater assurance that devices have been built with transparency, security and scalability in mind. This approach addresses both immediate cybersecurity concerns and long-term regulatory compliance requirements. It also reduces the ongoing security management burden on IT teams through built-in security features and trusted update mechanisms. These concerns are especially important as utilities strive to integrate emerging technologies, such as automation and edge computing, without introducing new risks into their networks.

Semtech is helping utility providers take a more proactive approach to their communications strategies. With modules and routers designed to meet the unique needs of the utility sector and sourced to meet the expectations of U.S. regulators, Semtech offers utilities a reliable, future-ready alternative to high-risk imports. Unlike many router manufacturers that rely on third-party cellular modules — potentially from suppliers included on the DoD's Section 1260H list — Semtech uses only its own cellular modules across its entire router portfolio. This vertical integration provides enhanced supply chain visibility from the router to the embedded module and enhanced protection against foreign control risks. 

By selecting communications solutions from trusted vendors who can minimize geopolitical threats and supply chain risks, utilities can enhance cybersecurity and stay ahead of policy changes, ultimately providing more reliable service to end customers. Making these investments now will not only protect utility networks today but also create a secure foundation for the grid of tomorrow.

Learn more at Semtech.com

Editors' picks

Editors' picks
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.