The renewarbles sector is experiencing a rising trend in cyberattacks over the last 2 years. This week Gov-info-security reported that Nordex of Germany was the latest victim of a cyber attack that resulted in widespread systems outage. Nordex said that customers, employees and other stakeholders may be affected by the shutdown.
This attacks follows the control failure on thousands of Enercon wind energy converters, which has still not been fully resolved. On Friday, Enercon announced that more than 85% of wind turbines are now back online following disruption to satellite communication. “1,101 wind farms are back online, communication continues to be disrupted in 193 wind farms (as of 1 April). Service teams in the Central Europe (CNE) region are currently working around the clock in a large-scale concerted action to rectify the problem, which emerged on 24 February following a cyberattack on the KA-SAT satellite,” Enercon says.
One knock-on effect of the Viasat outage was that it disrupted about 5,800 wind turbines operated by Germany’s Enercon across central Europe, Reuters reported. The operational technology impact prevented remote monitoring and control of the turbines.
In November 2021, the world’s largest wind turbine manufacturer, Vestas Wind Systems, had to shut down its IT systems across several locations following what was revealed be a ransomware attack by the LockBit group.
CyberSolace has written several times in the past and will continue to write about the susceptibility of the renewables sector to cyber-attack. Whilst the sector is one of the most innovative and rapidly emerging, alas it is our view that a cybersecurity mindset is not yet well ingrained in it. Our two key pointers to all renewable energy organisations is to consider cybersecurity as a key pillar of operational risk and resilience and not simply a tactical IT issue. Secondly, whenever considering cyber-risk, renewable-energy organisations should take a holistic viewpoint and look at the problem from a system-of-systems view rather than as discrete and disconnected touch points.
If you are anyone wanting to begin a journey of maturity around cybersecurity for your organisation then why not try our simple free online CQuest self-assessment questionnaire to give your organisation a starting view of where your maturity is at present.
Click the button below to read more.