On Monday, a large European wind turbine manufacturer confirmed that satellite connections to thousands of wind turbines in Europe have been disrupted significantly. According to various news reports, over 5000 units accounting for a combined output of nearly 11 GW were affected by the incident. The company also confirmed that the wind turbines that were impacted could operate independently and manage their functions without connectivity. Remote maintenance was however not possible without connectivity. The company had to thus send its staff over to check on these turbines to ensure that they were functioning within their operational parameters.
The broadband services provider in this case offers custom location-independent connectivity services for industrial applications and safety-critical infrastructures. This company has not yet provided any update on the incident to the media and its website also doesn’t contain any reference to the incident. The cause of the incident though unknown is widely attributed to a cyberattack. Speculations are rife that KA-SAT satellite internet services started facing problems around the time of the Russian attack on Ukraine.
We will not add to the speculation. However, it is worth noting that cyber attacks on renewable energy systems have been growing in the last 5 years. A combination of the usage of new and untested systems based on remote connectivity and operations enabled by the Internet of Things, increased hacker interest and less than adequate cybersecurity measures have created an ideal environment for cyberattacks to thrive and grow.
Sectrio has been tracking cyberattacks on this sector since 2016. We have seen the attacks grow in stealth and sophistication with a steep 287 percent rise in cyberattacks logged in 2021 over those recorded in 2020 (according to Sectrio’s IoT and OT Threat Landscape Assessment and Analysis report released recently). In addition to IoT, some of the control systems powered by OT and HMI systems are also at risk as hackers want to create health and safety problems along with disruption.
Cyberattacks on renewable energy projects also increase the dependence on traditional sources of energy such as fossil fuels. Some of the APT actors that were activated during the ongoing Ukraine-Russia conflict were also tasked with targeting renewable energy projects in Europe. Sectrio has been providing threat intelligence to some of the businesses to help them hunt and eliminate active and passive threats. The convergence of a large number of threat actors on a few projects will create a significant security challenge for operators of renewable energy infrastructure in the days to come.
Coming back to the cyber incident, this could present renewable energy companies to take another look at their cybersecurity practices and work towards addressing postural weakness at the earliest.
For more informational content, subscribe to our weekly updates and be notified at the latest.
Try our rich OT and IoT-focused cyber threat intelligence feeds for free, here: IoT and OT Focused Cyber Threat Intelligence
Planning to upgrade your cybersecurity measures? Talk to our IoT and OT security experts here: Reach out to sectrio.