CyberSolace’s weekly threat research has identified indicative information on cybersecurity forums about an attack on a French renewable wind-power generator and service-provider organisation called Voltalia. The news was highlighted in the public domain on the HackNotice website <here> and alleging that Voltalia has been attacked by the Conti group which is currently one of the most prolific ransomware groups. This comes hot on the wake of the infamous US Colonial Pipeline attack last month May-2021. On 18-June-21, Trend-Micro reported a doppelganger campagin, impostering the now defunct DarkSide cybercrime group, targeting the Energy sector. Separately, in an earlier incident last year in April 2020, a Portuguese energy multinational EDP had their wind energy division in the US attacked by ransomware. According to reports at the time, hackers responsible for the attack threatened to release 10TB of sensitive data unless the victims, EDP Renewables North America (EDPR NA), paid $10.9 million in bitcoins.
The renewable energy sector is gaining velocity and prominence on the world stage due to the obvious and irreversible trends of climate change and worldwide decarbonisation agenda. A lot of innovation, commercial competition and investment is pouring into the sector to drive its progress and role in the energy transition race. Whilst that is certainly a welcome and positive trend, it also makes the sector a ripe target for cyber threat actors. Either for sabotage, disruption, financial extortion or even industrial espionage (the Scottish ‘Pelamis’ incident of 2011 is a good case in point).
CyberSolace holds the view that the focus on incorporating a solid cybersecurity-by-design agenda for this industry sector is still neither visible enough nor high in the priority list. A successful cyber attack has the potential, not just to cause the loss of personal and commercial information, or cause damage to electronic resources, but also to damage a project’s physical assets through the forced maloperation of components, impact its finances by disrupting generation, or create national, or regional, energy security risks in the event of a large-scale grid blackouts.
According to the International Energy Agency (IEA) “A successful cyberattack could trigger the loss of control over devices and processes, in turn causing physical damage and widespread service disruption. In addition to the impacts on critical services, households and businesses that rely on electricity, an attack could result in millions or even billions of dollars in damages for electric utilities, including the costs of dealing with the cyberattack (i.e. detection, investigation, containment and recovery) and its consequences (e.g. from business disruption, information loss, revenue loss and equipment damage).”
Cyberattacks are among the top ten global risks in terms of likelihood and impact according to the World Economic Forum’s Global Risk Report 2020. For electricity systems, the threat of cyberattack is substantial and growing, and threat actors are becoming increasingly sophisticated at carrying out attacks – both in their destructive capabilities and their ability to identify vulnerabilities.”
Read more about this general topic in the IEA site by clicking the button below.