“The third energy revolution is the combination of renewable energy, digital technology and smart grids,” emphasised Nicolas Hulot in his introduction to the Energy Transition Forum in March 2018.

A fruitful synergy for the future – but to ensure a promising, sustainable outcome, the cybersecurity industry must be an essential link in the chain.

Energy: a tempting target

Before the high-profile BlackEnergy attack that struck a power grid in Ukraine in December 2015, causing huge outages that deprived 800,000 to 1.4 million people of electricity for several hours in the middle of winter, Shamoon had targeted Saudi Aramco in 2012. Dragonfly and Energetic Bear claimed the spotlight in 2010, while Stuxnet infected the centrifuges at Iran’s nuclear facilities, damaging the country’s uranium enrichment capacity.

In December 2016, the city of Kiev in Ukraine suffered a power blackout following multiple cyberattacks that compromised the Ukrenergo electricity supplier’s workstations and SCADA systems.

In March 2018, the Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security in the USA, announced that cyberattacks were affecting the IT systems of the country’s electrical and nuclear infrastructure.

In March 2020, ENTSO-E, the European electricity transmission network coordinator, was added to the list of the world’s cyberattack victims.

The facts are clear: attacks against systems controlling industrial and operational processes have risen by 2000% since 2016! According to the IBM X-Force Threat Intelligence report, 2019 was a record year.

The energy sector, characterised by growing digitalisation, is clearly a favoured target for cyberattackers, whose motivations are as manifold as they are vague. Economic and industrial espionage, sabotage and various kinds of dysfunction are reflected in attack, deterrent or reprisal strategies, some orchestrated by states, which we must be ready to face.

IT/OT convergence

This situation requires the energy sector to make cybersecurity a priority. As a vital strategic issue for every country, it leaves no room for approximation. But the task is complex.

Energy grids are often old installations, but they operate hand-in-hand with the world of connected energy, information systems, remote control and remote maintenance… The frontier between OT and IT is no more. Energy companies have become dependent on connected devices. Gartner estimates an annual growth rate of 45.7% in the autonomous OT security market by 2022.

This makes it essential to create synergies and a global approach to security, incorporating physical and logical aspects in a continuum to serve the energy needs of the future.

In its move towards smart grids, the electricity network is opening up to cyber risks. Failing to control them can affect the availability, integrity and secure operation of electrical infrastructure and cause harm to individuals, organisations and ultimately the state. Cybersecurity is no longer an option. Far from being solely a technical problem, it must be part of a global strategic, political, economic and managerial approach.

A global approach to risk

France has been a pioneer in Europe, adopting a military planning law in 2013 followed by the NIS directive and the obligations it imposes on operators. Together with measures designed to ensure a common high level of network and information system security within the European Union, the efforts have been considerable.

But today, both the transformation of the energy sector in France and Europe and the virulence and sophistication of cyberattacks make it essential to reconsider the issue and the collective actions to be taken.

The energy sector needs to introduce a global approach to risk management. Using global, collaborative, automated tools will give the key players in the sector a real-time, evolving view of the risks and possible attack scenarios, enabling them to anticipate and take decisions quickly and precisely.

The IoT and renewable energy: the new challenge

Renewable energy also needs to take cybersecurity issues into account. Controlled remotely, wind turbines and solar panels are also connected objects that need to be secured from end to end using appropriate protocols and technologies. IoT cybersecurity remains a weak link, and these turbines and panels were not created on the basis of security by design. Their vulnerabilities are immense.

Added to this is the problem of decentralisation in energy generation, which will also multiply backdoors and expand the attack surface.

Electric vehicles, connected and soon to be autonomous, will also be excellent targets for attackers.

All these strategic issues need to be addressed immediately.

The increasingly interconnected world in which we live involves cooperation between different players, with synergies to be found and information sharing to be reinforced. Finally, the emergence of plans for joint construction and innovation must once again place cooperation at the heart of the system as a key ingredient of success.

Sources

IBM X-Force Threat Intelligence report

https://lenergeek.com/2020/03/11/coordinateur-europeen-transport-electricite-cyber-attaque/

https://www.bulletin.ch/fr/news-detail/la-cybersecurite-des-infrastructures-electriques.html

https://www.ifri.org/sites/default/files/atoms/files/barichella_cybersecurite_infrastructures_energetiques_2018.pdf
