New research has warned that UK renewables companies are faced with up to 1,000 attempted cyberattacks per day.
Analysis from cybersecurity group Cyber Energia found as many as 880m cyber risks across the renewables sector, with over 300 attempted security breaches at any one moment.
Despite this, the firm said that only 1% of UK wind energy firms have adequate cyber protection.
“To provide an indication of the serious exposure UK renewable firms are facing to cyber threats, our analysis shows that in the wind sector alone, only 1% out of around 11,000 sites has some sort of cyber solution,” said Jonathan Navon, partner at CFP Energy.
“With both sustainable and national energy security at the top of many governments’ agenda, this security issue needs to be addressed with some urgency.”
As the share of renewables in the global energy mix and the use of smart grid technologies grows, so too has the threat of cybersecurity breaches.
The consequences of shut-downs caused by cyberattacks can range from significant inconvenience to devastating operational impact. Such attacks can result in loss of production and revenue; damage to assets and infrastructure; leakage of sensitive commercial information; health and safety risks, as well as reputational damage.
Cyber Energia warned that UK renewables companies that are not sufficiently protected against cyberattacks are increasingly at risk of financial penalties.
In the UK, operators come under both the NIS Regulations 2018 and the National Security and Investment Act 2021, which not only has powers of inspection, but can impose monetary penalties up to £17m for those contravening regulations.
Furthermore, organisations providing essential services in the EU will soon face tougher cybersecurity regulations (NIS2.0) for failure for non-compliance. Punitive actions will include higher fines, bans on management positions and even a withdrawal of the company’s licence to operate.
Recommended for you