New Renewable Energy Options Might Pose Cybersecurity Risks

Given that we are in an age where renewable energy alternatives to fossil fuels are being embraced, experts are saying new technologies designed to lead us to a more sustainable future might bring with them surprising cybersecurity risks.

A report just out of the Royal United Services Institute (RUSI), a UK-based defense and security think tank, spotlights some of the risks tied to the current move away from fossil fuels.

A review of the cybersecurity risks of renewable energy practices

“Renewables offer huge opportunities for the UK to become more self-sufficient in energy production whilst mitigating effects of climate change. This transition has to be taken with cybersecurity in mind, cognizant of future cyber threats to society due to the massive digitalization of the sector,” said Sneha Dawda, research fellow in cybersecurity at RUSI, according to ZDNet.

The think tank reveals that the supervisory control and data acquisition (SCADA) systems that are used to manage industrial networks are one of the key targets for hackers. Many of these existing networks are so outdated that they often can’t even receive the most current security updates.

If they are connected to the Internet, they can be easily accessible targets for a cyberattack.

Additionally, ZDNet reports that the newer counterparts to these systems might rely heavily on cloud computing — this bears with it many of the risks we often discuss, such as unsecured logins and out-of-date security patches that pretty much offer a front door for cybercriminals to access sensitive data.

A lot of these networks for energy providers use legacy security systems. Updating these existing systems can be costly or might require complete replacement. It’s a challenge to rebuild them from scratch, but by not doing so, these systems are very tempting to hackers.

RUSI states that one of the most pressing concerns around this issue is what it could mean for supply chains.

“If one vendor within the supply chain is compromised, this can have widespread consequences for all connected organizations,” the report states, as cited by ZDNet.

The need to stay vigilant

Another area of concern centers on Litihium-ion batteries.

These use battery management systems (BMS) to patrol for safety and reliability, oftentimes connected to networks. RUSI says that encryption flaws and currently existing authorization and remote access entry points to these devices can be easily compromised.

Additionally, our energy-saving age has seen the rise of electric vehicles. Home chargers needed for electric and hybrid automobiles bear similar security risks.

Many of these Internet-connected chargers have “firmware vulnerabilities that attackers can exploit,” ZDNet reports.

“While these vulnerabilities have been patched, they provide good examples of how this technology is lacking in industry standards,” the RUSI paper reads.  Essentially, as we move to a new approach in how we consume and conserve energy, new regulations have to be put in place to ensure the best cybersecurity standards are upheld.

Published by Peter Cavicchia

Peter Cavicchia is a retired U.S. Secret Service Senior Executive, now Chairman of the security consulting firm Strategic Services International LLC.

%d bloggers like this: