As the renewable energy sector rapidly digitalises, it faces an increased threat of cyberattacks. Averaging 736 cyberattacks per week in 2021[i], the renewable energy sector remains susceptible to hostile attackers online, with high-profile victims in recent years including Vestas and Enercon. The energy sector is a primary target of cyberattacks, with 16% of all cyberattacks aimed at the sector in 2020[ii]. These cyberattacks can have significant consequences, such as taking down power grids for days or weeks, causing power shortages, and ultimately increasing energy prices.
Recent cyberattacks in the sector have disabled remote controls for wind farms, disrupted prepaid meters and led to recurrent data breaches. Research curated by analytics firm GlobalData shows that, in 2022, the average cost of data breaches alone reached $4.72 million in the energy sector[iii]. These attacks are often geopolitically motivated, as countries seek to exploit vulnerabilities and exert influence.
To address these challenges, power companies and stakeholders must invest in cybersecurity solutions and adopt a strategic approach to ensure the security and resilience of their operations. This includes implementing AI-based monitoring and detection platforms to protect Internet of Things (“IoT”) devices from cyberattacks. Additionally, there is a need for collaboration between the clean energy and cybersecurity communities.
How we got here: home working and the cyberskills shortage
One issue directly related to cybersecurity links back to the worldwide Covid-19 pandemic and the rush to home working. A Kaspersky survey in April 2020, found that nearly half of the 6,000 respondents had never worked from home before. In the rush to home working practices during the pandemic, the survey found that in over 70% of cases, employers did not include cybersecurity training, which may go some way in explaining the surge in attacks around this time period.
However, in the last few years, one of the biggest issues faced by the renewable energy sector is a worldwide shortage of energy cybersecurity skills. The skills gap has been a long-standing issue, and the demand for cybersecurity professionals has consistently been high.
Research from GlobalData’s Job Analytics shows a 32% drop in new job postings related to cybersecurity in Q4 2023 compared with the previous quarter. GlobalData’s Power: Hiring Trends & Signals Q4 2023 report also reveals that 43% of all cybersecurity-related new jobs in the power industry (tracked by GlobalData) as of Q4 2023, were for just five companies: Prysmian, Siemens, Schneider Electric, Elektroprivreda Crne Gore AD Niksic and A2A.
According to research collated by GlobalData, the size of the workforce is still 65% below what is needed[iv]. The global cyberworkforce gap reached four million people in 2023, despite an increase in the global cybersecurity workforce to 5.5 million. This demand is expected to keep increasing as organisations become both more dependent on technology and face more complex threats.
The good news is that the cybersecurity skills gap appears to be levelling off.
This is partly due to initiatives such as colleges and universities in the US investing heavily in cybersecurity education over the past five years. As a result, there should be a growing pipeline of computer science graduates entering the cybersecurity field between now and 2031. In addition, women are expected to represent 30% of the global cybersecurity workforce by 2025, with that figure reaching 35% by 2031.
Why are renewable energy companies under threat from hackers?
Cyberattacks on all organisations continue to rise, but critical national infrastructure (CNI) – the systems that are required for a country to run – are especially seen by bad actors as targets. Cybersecurity is crucial for power companies, as they are directly linked to the functioning of a country’s economy. For instance, utilities have been warned to be extra vigilant due to the geopolitical situation between Europe and Russia over energy[v].
Hackers target renewable companies with malware and ransomware attacks, data wiping and theft, and Distributed Denial of Service (DDoS) attacks. These cyberattacks can disrupt operations, disable remote controls for wind farms and lead to data breaches involving sensitive client information. Customers’ private financial data also risks being accessed by cybercriminals.
Renewable companies are particularly under threat from hackers due to digitalisation of the sector, which potentially can make them more vulnerable to cyberattacks. Digital transformation of energy infrastructure is essential to enable the efficient integration of renewable energy sources as they come online. The US Federal government has already recognised these challenges as a priority and pledged $45 million to enhance the cybersecurity of clean energy technologies and the energy supply chain[vi].
Without energy, other industries cannot operate. A cyberattack wiping out power can have catastrophic effects on people, businesses and whole communities.
How to defend against AI and malicious hackers
Cybersecurity threats to businesses are now becoming more sophisticated through the use of AI by perpetrators. While cybercriminals continue to use the same methods for attacks, AI is enhancing existing methods. Threats remain the same, but techniques and tools are more complex.
According to GlobalData, hacking groups are likely to use large language models (LLMs) trained on malware to target their attacks more effectively[vii]. The use of AI in offensive attacks is prompting increases in cybersecurity budgets as organisations try to understand the impact of generative AI on their security.
However, AI is also being used effectively for threat detection, and its greater adoption will help offset attacks. Speaking in April, GlobalData’s principal analyst for thematic intelligence David Bicknell said that the threat of AI-led cyberattacks was a major concern. But he also noted AI can be a force for good: “Despite concerns over the risks it poses to organisations, AI can play a major role in improving cyber defences. Organisations can use it to understand their networks better and identify potential threats faster.
“AI can spot and decipher the signals that are the precursor to a cyberattack more efficiently than human resources. At the same time, adversaries will use AI in cyberattacks. A simple example is cybercriminals using generative AI to strengthen phishing attacks by eliminating the telltale signs of fake messages, such as poor grammar and spelling mistakes.”
In October 2022, the US Department of Energy (DoE) conducted a comprehensive evaluation of cybersecurity risks associated with distributed energy resources (DER), including solar and storage technologies, over the next ten years. The study revealed that while a cyberattack on current DER systems would not significantly affect grid reliability, future growth could pose cybersecurity challenges and suggests strategies for DER operators to enhance grid security and provides policy recommendations for decision-makers[viii].
The DoE report continues that to protect itself from cyberattacks, the renewable energy sector can take several measures, including employing a host of cybersecurity solutions to mitigate or eliminate the effects of cyberattacks, such as implementing firewalls, intrusion detection systems, encryption protocols, and regular vulnerability assessments. The report also highlights cybersecurity best practice – multifactor authentication, encryption and other tools to secure devices. Companies should go beyond minimum-security standards and actively detect threats. By adopting a zero-trust approach, they can verify commands and data and ensure cyber resilience.
Additionally, power companies should be investing in cybersecurity measures throughout the value chain. This includes equipment manufacture, engineering, procurement, construction, generation, transmission, distribution, as well as end-users. Broad industry involvement is seen as crucial for developing robust cybersecurity standards, and the DoE report says that power utilities should include cybersecurity in their business strategy. In doing so they can both prevent dangerous threats to the company and safeguard the nation’s energy infrastructure.
Discover further insights
To learn more, download our new report, “‘Challenges and opportunities in the US renewable energy sector”, published in association with Sterling Technology – the provider of premium virtual data room solutions for secure sharing of content, business process automation and collaboration for the M&A, corporate development, capital markets, private capital, banking and legal communities engaged in renewables dealmaking.
[i] https://www.cshub.com/attacks/interviews/renewable-energy-remains-a-lucrative-target-for-cyber-criminals
[ii] GlobalData: Thematic Intelligence: POWER: Cybersecurity in Power, July 27, 2022, page 23
[iii] GlobalData: Thematic Intelligence: Power Smart Grid August 28, 2023, page 8
[iv] GlobalData: Thematic Research: Technology Cybersecurity April 22, 2022, page 17
[v] https://www.ncsc.gov.uk/news/ncsc-warns-enduring-significant-threat-to-uks-critical-infrastructure
[vi] https://www.energy.gov/articles/doe-announces-45-million-protect-americans-cyber-threats-and-improve-cybersecurity
[vii] GlobalData: Thematic Intelligence Technology: Cybersecurity, April 24, 2024
[viii] https://www.energy.gov/ceser/articles/doe-cybersecurity-report-provides-recommendations-secure-distributed-clean-energy#:~:text=The%20study%20finds%20that%20while,for%20future%20electric%20power%20grid
