BRUSSELS — Europe's energy grid is currently experiencing an unprecedented wave of cyberattacks, a trend that has intensified since Russia's invasion of Ukraine. Industry leaders express growing alarm over insufficient cybersecurity measures, prompting urgent calls for action to protect critical infrastructure.
"The crooks are becoming better by the day, so we need to become better by the day," said Leonhard Birnbaum, CEO of E.ON, one of Europe's largest utility companies. "I'm worried now and I will be even more worried in the future."
Birnbaum’s concerns are grounded in a report from the International Energy Agency, which revealed that the frequency of cyberattacks against utility companies more than doubled from 2020 to 2022. The report cited an alarming average of 1,101 weekly attacks against utilities last year. Following Moscow's strike on Kyiv, companies within the EU have rushed to expand their cybersecurity teams, suggesting a lack of preparedness amid rising threats.

Polish Deputy Energy Minister Ireneusz Zyska has witnessed the reality of these attacks firsthand. During a recent visit to Poland's grid operations hub, fortified underground to shield it from nuclear threats, Zyska noted: "I was … observing thousands of attacks on our energy grid taking place live."
He elaborated, saying, "It is clear that these attacks come from the East: the Russian Federation and non-democratic countries. They have created special teams of people working on attacking the democratic states of the European Union cybernetically to cause havoc."
"We’re extremely concerned about the cyber threats and cyberattacks in the energy sector in the European Union,"
Birnbaum believes that EU intervention is critical at this juncture. He pointed out the increasing digitization of electricity networks, which poses additional vulnerabilities to cyber intrusions. This digital transformation occurs against a backdrop of physical threats, including recent incidents such as the rupture of a gas pipeline linking Finland and Estonia.

"I think Europe can actually up their game here," Birnbaum asserted, highlighting the need for more robust cybersecurity policies.
A report from Europe’s cybersecurity agency, ENISA, underscores Birnbaum's position, revealing that the energy sector allocates less to cybersecurity than other sectors such as transport, health care, banking, and ICT.
The challenges facing the energy sector might seem insurmountable. Birnbaum noted the complexity of maintaining security, citing that E.ON manages an astounding one million generators within its German grids alone. "The best protection against being attacked in the cyberspace is being analog," he explained, emphasizing that this approach is not feasible as modern grid networks must operate digitally.
Impact and Legacy
Hackers are already exploiting weak points within these infrastructures. In one notable example, the Russian intelligence group Sandworm has been connected to attacks that disrupted Ukraine's power grid last year and then expanded to impact multiple energy firms in Denmark.
The wake-up call for the global energy sector came in 2021 when the Colonial Pipeline in the U.S. suffered a significant ransomware attack, causing extensive disruptions in energy supplies nationwide. This incident has drawn parallels within Europe, as grid operators continue to echo similar sentiments regarding cybersecurity.
Damian Cortinas, chair of ENTSO-E, the EU’s electricity network association, emphasized the urgency of addressing cyberattacks, particularly given the interconnectedness of Europe’s power systems. According to Cortinas, the EU should bolster support for countries that may be seen as the "weakest links" in this security chain.
Brussels has initiated steps to safeguard the region’s energy grids, although significant gaps remain. Earlier this year, the EU enacted new cybersecurity regulations for critical sectors under the NIS2 Directive, set to take effect in October 2024. The bloc has also established networks of public and private cybersecurity entities aimed at improving cross-border cooperation on large-scale cyber threats.
Despite these advancements, the need for comprehensive solutions and preparedness in the face of evolving cyber threats remains clear. The energy sector is at a critical juncture as it strives to shore up defenses against a landscape defined by rapid technological change and escalating risks.


