Search on Ifri.org

About Ifri

Frequent searches

Suggestions

Cyber Attacks: A New Threat to the Energy Industry

Editorials
|
Date de publication
|
Référence taxonomie collections
Édito Énergie
Image de couverture de la publication
couv_edito_desarnaud_cybermenace.png
Accroche

The Network and Information Security (NIS) Directive has been adopted on July 6th, 2016 by the European Parliament, three years after the initial proposal by the European Commission. It paves the way for a much needed common cyber security strategy within the EU. This Edito explains the reasons why the energy industry is particularly vulnerable to cyber attacks, and what tools this new directive brings about to protect European critical infrastructures.

Image principale
Command room of Itaipu hydroelectric dam on river Parana on the border of Brazil and Paraguay - Shutterstock/Matyas Rehak
Command room of Itaipu hydroelectric dam on river Parana on the border of Brazil and Paraguay - Shutterstock/Matyas Rehak
Corps analyses

In about two decades, the energy industry has been deeply transformed by the digital revolution, which penetrated companies’ commercial, administrative and financial branches, but also their industrial systems.  From the optimization of electric grids to the precision of oil drilling, information and communication technologies (ICT) are now essential to every stage of energy production, transport and distribution processes. Data mining and analysis are increasingly considered as the energy sector’s new “black gold”, and generate new activities just like the platform Predix, designed by General Electric to help energy companies (among others) collect and analyze industrial data.

This silent revolution offers countless economic opportunities and paves the way for a better resource distribution and use. But it also puts physical energy infrastructures at risk. 

An Expanding Threat

The 23 December 2015 in Ukraine, a cyber-attack on several regional grid operators deprived more than 200 000 people of electricity for a few hours, and constrained operators to physically intervene at the substations to restore power. Since substations could no longer be remotely controlled, on-site interventions had to be maintained during several weeks after the event in order to ensure the electricity delivery. The use of common hacking methods such as phishing, combined with a very precise knowledge of Industrial Control Systems (ICS) dealing with electricity distribution, allowed attackers to remotely activate breakers in about 30 electric substations and cut the power off.

This was the first time a cyber-attack targeting the grid had physical consequences. Few attacks are likely to have such implications. All experts agree on the fact that the level of preparation and coordination, the degree of knowledge of ICS targeted and probable financial means invested in this operation are not within reach of any criminal group, or State. Moreover, an on-field study conducted by several Federal US agencies found that the Ukrainian operators’ ICS were particularly well protected.

Ukrainian authorities have been quick to point at Russia after the event, and even if very few elements can lead to the conclusion that Moscow was involved in the attack, this event might well have a geopolitical background. The only other known cyber-attack with serious consequences on an energy infrastructure goes back to the Stuxnet worm discovered in 2010, designed to slow the progression of the Iranian nuclear program. A thousand uranium enrichment centrifuges were damaged by this malware, which went unnoticed for more than a year. Here again, strategic interests and the presumed support of two nation-States (the USA and Israel) make this attack remarkable.

Energy companies are more and more targeted by this kind of threats, and the structure of their activity makes them particularly vulnerable, for several reasons...

 

 

Read the full text in PDF below.

 
Decoration

Available in:

Share

Download the full analysis

This page contains only a summary of our work. If you would like to have access to all the information from our research on the subject, you can download the full version in PDF format.

Cyber Attacks: A New Threat to the Energy Industry

Decoration
Author(s)
Photo
photo_gabrielle.jpg

Gabrielle DESARNAUD

Image principale
Climate & Energy
Center for Energy & Climate
Accroche centre

Ifri's Energy and Climate Center carries out activities and research on the geopolitical and geoeconomic issues of energy transitions such as energy security, competitiveness, control of value chains, and acceptability. Specialized in the study of European energy/climate policies as well as energy markets in Europe and around the world, its work also focuses on the energy and climate strategies of major powers such as the United States, China or India. It offers recognized expertise, enriched by international collaborations and events, particularly in Paris and Brussels.

Image principale

Europe’s Black Mass Evasion: From Black Box to Strategic Recycling

Date de publication
02 December 2024
Accroche

EV batteries recycling is a building block for boosting the European Union (EU)’s strategic autonomy in the field of critical raw minerals (CRM) value chains. Yet, recent evolutions in the European EV value chain, marked by cancellations or postponements of projects, are raising the alarm on the prospects of the battery recycling industry in Europe.

Image de couverture de la publication
Couverture Politique étrangère 4-2024

The New Geopolitics of Energy

Date de publication
03 December 2024
Accroche

Following the dramatic floods in Valencia, and as COP29 opens in Baku, climate change is forcing us to closely reexamine the pace—and the stumbling blocks—of the energy transition.

Image principale

Can carbon markets make a breakthrough at COP29?

Date de publication
30 October 2024
Accroche

Voluntary carbon markets (VCMs) have a strong potential, notably to help bridge the climate finance gap, especially for Africa.

Image principale

Taiwan's Energy Supply: The Achilles Heel of National Security

Date de publication
22 October 2024
Accroche

Making Taiwan a “dead island” through “a blockade” and “disruption of energy supplies” leading to an “economic collapse.” This is how Colonel Zhang Chi of the People’s Liberation Army and professor at the National Defense University in Beijing described the objective of the Chinese military exercises in May 2024, following the inauguration of Taiwan’s new president, Lai Ching-te. Similar to the exercises that took place after Nancy Pelosi’s visit to Taipei in August 2022, China designated exercise zones facing Taiwan’s main ports, effectively simulating a military embargo on Taiwan. These maneuvers illustrate Beijing’s growing pressure on the island, which it aims to conquer, and push Taiwan to question its resilience capacity.

Page image credits
Command room of Itaipu hydroelectric dam on river Parana on the border of Brazil and Paraguay - Shutterstock/Matyas Rehak

How can this study be cited?

Image de couverture de la publication
couv_edito_desarnaud_cybermenace.png
Cyber Attacks: A New Threat to the Energy Industry, from Ifri by
Copy
Image de couverture de la publication
couv_edito_desarnaud_cybermenace.png

Cyber Attacks: A New Threat to the Energy Industry