The Renewables Consulting Group (RCG) and cybersecurity specialist Cylance have published a report on cybersecurity concerns for renewable energy companies, urging them to assess and update their IT infrastructure.

The report is quick to point out the dangers faced by renewable energy companies, saying in its introduction: “the potential impact of cyber-attacks is particularly noteworthy in the energy industry, as conventional electrical energy infrastructure moves towards more distributed but integrated and ‘smart’ electrical grid systems.”

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Forbes noted that costs incurred as a result of cybercrime quadrupled from 2013 to 2015, and economic losses as a result of cyberattacks will reach $2 trillion by 2020.

The report foes on to explain that there are two kinds of risk posed to companies. The first covers physical damage, as the often remote locations of renewable energy assets mean it is difficult for damage to fences, locks and CCTV systems to be quickly repaired. Furthermore, ‘maloperation’ of machinery by hackers – forcibly making machines perform tasks that are wasteful or damaging to themselves – is named as another key threat.

“The remote management risk for renewable energy assets that convert kinetic energy into electricity, such as wind turbines, is inherently greater over more static power generation methods, such as solar PV [photovoltaic systems], as attackers could cause physical damage through repetitive operational commands on moving components at undesirable times,” the report says.

The second type of risk involves dangers posed to software and internet connectivity. The report states that ‘multiple wind and solar farms are now controlled from great distances away from the sites themselves’, control that is often exerted through public IP addresses, which can leave operations, maintenance and monitoring software open to attack.

The Enterprise Strategy Group, an integrated IR research and strategy firm, conducted a survey which reported that 63% of technology organisations predict they will spend more on cybersecurity than they did in 2017, with only 2% of respondents claiming that spending would decrease. The RCG and Cylance report encourages companies to invest in updated cyber-defences, reassess how access to sensitive systems and data is managed, and take advantage of predictive tools, such as machine learning and artificial intelligence, to be proactive in their defences.

“RCG is not aware of any other piece of research which draws together two expert companies to produce a joint report on the cyber threat to renewable project infrastructure,” said Sam Park of RCG, and co-author of the report.

“If this report offers a pause for thought to all the renewable asset owners, manufacturers and maintainers; and subsequently even a single project strengthens its resistance to the obvious and increasing cyber threat out there, then Cylance and RCG will have done their job.”