The wind energy sector requires a global cybersecurity initiative
Recently, (at least) three European OEM’s and a service company experienced a cyberattack that caused operational problems for their wind turbines under service. Other industries already face cyberattacks on a regular basis, so it is likely they will happen more often in the wind industry as well.
New research from DNV reveals that energy professionals expect more extreme cyberattacks in the next two years. More than 80% think an attack is likely to cause operational shutdowns and damage to assets. Three quarters (74%) expect harm to the environment. Over half (57%) anticipate an attack to cause loss of life. As industrial systems become increasingly network connected, the energy industry needs to wake up to this emerging cyber threat.
Since the percentage of wind energy in the energy mix will only increase over time, wind farms will become critical infrastructure for keeping the lights on. This reliance is making the wind industry an even more attractive target for cyberattacks and hackers, whether politically or criminally motivated.
A large wind farm could suffer financial, energy output, and reputational losses if a cyberattack occurs. A cyberattack could completely halt wind farm production, resulting in no input to the grid and thus no power and income. Attacks can also cause physical damage to turbines as a result of unnecessary wear and tear. These cyberattacks not only affect individual wind farms, they also have the potential to disrupt or completely shut down our electricity supply.
Of course, companies and organisations already look into cyber protection, but it should be considered an integral topic at all stages of development and operations. For example, in 2020 the U.S. Department of Energy released the Office of Energy Efficiency and Renewable Energy (EERE) Cybersecurity Multiyear Program Plan to guide cybersecurity R&D for EERE technologies. Also in the USA, the National Renewable Energy Laboratory and six organisations have joined forces in developing a national Wind Cybersecurity Consortium. The goal of the consortium is to improve the cybersecurity of the US wind fleet through collaborative analysis, development, and information sharing.
Because cyberattacks are here to stay, cybersecurity is a major concern for the wind energy industry. I believe the industry should be more proactive in reducing cyber risks, which includes establishing a decent and comprehensive security regime. The recent attacks were all in Europe, so maybe European organisations and companies should team up as well, like they did in the USA. Or even better, I would welcome a global initiative. Although cost and effort are involved, the consequences of not taking appropriate action in advance can be much higher.
Enjoy reading and let’s keep our lights on.
Floris Siteur
Publisher
Publisher