New research from The Alan Turing Institute has highlighted the extent at which the UK’s offshore wind farms are vulnerable to cyberattacks.
The study noted that due to the isolated nature of offshore wind farms, as well as the fact that many rely on dated software and communications technology that wasn’t designed with cybersecurity considerations, they make for an attractive target for cyberattacks.
The research, conducted by The Alan Turing Institute’s Centre for Emerging Technology and Security (CETaS) and Data Centric Engineering (DCE) programme, suggests that artificial intelligence (AI) and intelligent automation might play crucial roles in boosting these systems’ security. These technologies could assist operators in detecting and anticipating potential cyber threats.
Recommendations from the study include the adoption of AI in offshore wind’s digital frameworks, the formation of organisational emergency protocols, the facilitation of cross-border intelligence sharing concerning cyberattacks, and the establishment of security protocols to respond to such incidents.
Given the integral role of offshore wind in the UK’s energy strategy, with the fleet currently responsible for around 13% of the UK’s electricity, any successful cyber attack could have massive implications.
Additionally, there’s a real threat that cyberattacks, successful or not, could erode public confidence in wind and other renewable energy sources, potentially leading to interruptions in power supply and impacting essential services.
There have already been numerous incidents of cyberattacks affecting companies like Enercon, Vestas, Nordex, and Deutsche Windtechnik, who have reported malware and ransomware attacks. That only underscores the urgency of enhancing cybersecurity measures.
Anna Knack, Lead Researcher for CETaS and author of the report, emphasises the growing importance of offshore wind in the UK’s energy landscape and the necessity for heightened protective measures. “As offshore wind becomes a larger part of the UK’s energy supply, it is essential that more is done to protect it from disruption and cyberattacks,” said Knack.
Dr. Alexander Babuta, Director of CETaS, also commented on the need for a holistic approach to security. “The UK’s offshore wind production is set to significantly increase over the coming years. However, the more it becomes integrated into our energy supplies the greater the potential for serious disruption if it were to come under a cyberattack.
“Incorporating AI into these systems is one way that cybersecurity could be improved. However, to make offshore wind more resilient we need to consider the robustness of the entire system, such as rapid power recovery, as well as eliminating cybersecurity threats.”