Finnish utility company Fortum’s power assets have been subject to multiple cyberattacks and surveillance, according to its president and CEO.   

Markus Rauramo told Reuters that there have been a variety of cyberattack or cybersecurity breach attempts daily, alongside less frequent surveillance attempts including drone flyovers and other suspicious movements around its power assets.  

He added that its power plants’ satellite connections also experienced disturbances earlier this year.  

The CEO said that Fortum has contacted Finnish authorities to investigate the incidents to protect its energy assets, which include hydropower, wind, solar, nuclear and heat and power plants.  

Rauramo said that the company has taken extensive precautionary measures to mitigate these attacks, enforcing strict access to controls, employing security services, deploying reserve systems and arranging drills with local authorities. 

Fortum's head of security, Jari Steniu, commented: "The numbers [of attempted attacks] are increasing, but the impact on our operations is very small."  

Fortum’s cybersecurity concerns come at a time when cyberattacks against energy infrastructure across the world have become increasingly common. According to Power Technology’s parent company, GlobalData, utilities experienced more cyberattacks in Q1 2024 than in any other quarterly period in the past four years.  

Alfie King, associate analyst at GlobalData, explained that the energy transition has expanded attack surfaces for hackers to exploit as cybersecurity measures have struggled to keep up with the rapid integration of renewables and distributed energy resources. 

“It takes experiencing disruption to critical operations for large organisations to take cybersecurity seriously and allocate adequate resources to ensuring cyber resilience,” said Ross Brewer, vice-president and managing director EMEA at cyber company Graylog.