Stepping up cyber security in wind farms and other renewables

Get the Operational Technology (OT) Security You Need. Reduce the Risk You Don’t.

Both domestically and globally, offshore wind production has grown exponentially over the past decade. With this record-breaking growth comes an increasing level of reliance on wind farms as critical infrastructure for keeping the lights on. This reliance is making offshore wind an even more attractive target for cyber-attacks and hackers, whether politically or criminally motivated.

If a cyber-attack were to hit an offshore wind farm, it could result in financial, energy output and reputational losses. For example, an unchecked cyber-attack could halt production of a wind farm altogether, resulting in no input to the grid and therefore no power and no income. Estimates equate one day of downtime for a 500MW wind farm to a loss of approximately £360,000.

Additionally, some attacks could even cause physical damage to the turbines due to the unnecessary wear-and-tear experienced. Not only could these cyber-attacks affect individual wind farms,  hackers shutting down offshore wind production could potentially result in our electricity supply being interrupted or completely stopped.

It is this potential for national disruption that is bringing cybersecurity to the forefront of the offshore wind sector’s priorities. Cybersecurity must be considered integral at all stages of development and operations – it is not something that should be retrofitted years later. Turbine manufacturers need to build cybersecurity into the design of the turbine. Wind farm owner/operators should create secure digital ecosystems and ensure cyber best practice at their sites. The supply chain must provide their products and solutions are robust and secure. It will be a collaborative effort to protect our offshore wind sector from cyber-attacks best.

The operational technology/industrial control systems (OT/ICS) of wind farms are most of the time decentralised. Mutual interactions to fulfil the total functionality are required for the optimization of the processes. With information technology (IT), different elements are delivering their own functionalities and do not require other systems.

OT and IT: Make a cyber difference

It is necessary to understand the differences between IT and OT for cyber security. For IT, confidentiality is most important, for OT: availability. One of the examples is that IT deals with transactional processes and OT with real-time processes. While availability is the most important aspect and focus, it was often not part of the design and implementation.

Besides these many interconnections are existing and will be extended. Do we have time, knowledge and experience to really check the full system integrity every day or even every hour? Our priority should be maintaining the system’s integrity in real-time before availability. Monitoring systems to detect changes will support engineers to maintain and check the integrity of the control systems in real-time.

Hacking offshore wind farms/industrial control systems require expert domain knowledge of the specific system, physical processes and organization

• state-sponsored attacks take a long time of preparation
• they only attack when they are sure to succeed
• they have all the time of the world
• during an attack, you are always behind.

Insider threat is a big threat too, because of the fact he/she has already expert domain knowledge.