Blog

Global security risks and the resulting interruptions in access to energy resources have necessitated a new chapter in renewable energy. For every country, energy independence has become an important condition for national security. Today, energy production still relies heavily on underground energy resources, and even countries that are adequate in terms of these resources are rapidly and effectively turning to renewable energy production models.

While the trend towards renewable energy sources is increasing, on the other hand, with the increase in energy demand brought about by pandemic conditions, energy production facilities, which have been used to continue their lives in isolation as a “closed system” for years with the effect of modern technologies such as remote working / access / management / communication, etc., have also received their share of digitalization. They had to communicate with the “outside” through information technologies (IT) for information and operation access.

While IT/OT convergence has brought significant operational and financial benefits for energy operators, it has also increased the risk of cyber attacks. This risk is likely to increase with the proliferation of smart systems in power grids as critical infrastructure around the world.

Some recent attacks on energy and critical infrastructure:

• Satellite cyber-attack knocked out 5800 (11 GigaWatts) of Enercon’s wind turbines across Germany (2022) [Source-1]
• Data leak in the IT systems of Danish manufacturer Vestas (2021) [Source-2]
• American Colonial Pipelines suffered a ransomware attack by the Russian-based DarkSide hacker group (2021) [Source-3]
• A Hacker Tried to Poison the Florida City Water Network (2021) [Source-4]
• Ukraine’s blackout was actually a cyber attack: Ukrenergo (2015) [Source-5]

As energy operators increase commitment and investment in cybersecurity, challenges remain that prevent security operations teams from keeping pace with the evolving cyber threat landscape.

And yet, securing power generation/distribution infrastructures has other challenges for traditional energy companies.

• Rapidly developing production and control technologies,
• Facility trading cycles and the integration issues of existing IT and OT systems created by these cycles
• Monitoring operational infrastructure and device inventory
• Failure to make Predictive and/or Preventive Maintenance plans
• Anomaly detection in the current operation becomes difficult

The increase in remote monitoring and control of utility-scale power generation facilities and connected end devices is creating new entry points for cyber attacks on these critical facilities.

The rise of the industrial internet of things (IIoT) and device-to-device communication is causing inventory management and operational control to become more complex, with the attack surface available to malicious internal and external actors continuously growing.

Power generation facilities are geographically dispersed, often located far from communication lines and with multiple external workforces. The large ecosystem of external service providers with network access poses a particular challenge as they, together with local manufacturers and suppliers, can create weak security links that attackers can exploit.

There are many security platforms that are poorly integrated, inflexible and rapidly outdated. They often have complex, labor-intensive installation and maintenance processes. They also generate high volumes of data that lack context and prioritization, and extracting valuable informatics details from this data requires time-consuming abstract engineering research.

Existing technical challenges are exacerbated by a shortage of skilled professional labor, a global talent shortage, and deep differences in understanding between IT/OT teams.

Finally, the increasing IT/OT convergence reveals a significant disparity in the maturity levels of IT security and OT security in many companies trying to keep up with the latest technological developments. This worrying situation is also the area with the most room for improvement, as the control and automation of Power Generation Plants increases the risks related to potential security breaches.

Conclusion

By 2030, Europe plans for around 70% of its power generation plants to consist of green energy sources. This technological shift is also a digital transformation for operators, involving automation, robotics and increased connectivity in the construction and operation of all renewable energy installations.

This ongoing infrastructure and digital transformation work requires a parallel transformation in cybersecurity to support energy supply and protect future clean energy security. Emerging new and complex threats require cybersecurity systems to be included as a key element in contracts with all ecosystem partners, from design to deployment.

Recent important regulations, such as the Presidential Circular No. 2019/12 on “Information and Communication Security Measures” and the Information Security Guide published by the Presidential Digital Transformation Office in July 2020, require operators that produce and sell energy to demonstrate their ability to detect and block cyber threats and use approved solutions. However, ever-changing threat profiles require operators to increase their adaptability for compliance and be proactive in creating their own customized cybersecurity roadmap.

The diversity of power generation facilities and sources has made cybersecurity more important than ever in maintaining energy supply.