Europes grid is under a cyberattack deluge industry warns POLITICO
p
Indepth reporting data and actionable intelligence for policy professionals all in one place pp
pp
pp
pp
pp
ppCyberattacks against the energy sector have spiked The sector needs to speed up chief officials say ppPress play to listen to this articleppVoiced by artificial intelligenceppBRUSSELS Thousands of cyberattacks have inundated Europes energy grid since Russias invasion of Ukraine and a top industry leader is calling for help as officials and researchers fret that not nearly enough is being doneppThe crooks are becoming better by the day so we need to become better by the day Leonhard Birnbaum the chief executive of EON one of Europes largest utilities said in an interview Im worried now and I will be even more worried in the futureppBirnbaum has reason to fret A recent report from the International Energy Agency found the average number of cyberattacks against utilities each week more than doubled between 2020 and 2022 worldwide with 1101 weekly attacks registered last year In the EU companies scrambled to hire cybersecurity experts in the month following Moscows assault on Kyiv the report noted indicating utilities were not fully preparedppPolish Deputy Energy Minister Ireneusz Zyska has seen it with his own eyes He recalled a recent visit to Polands grid operations hub buried three stories underground to protect it from nuclear attacksppI was observing thousands of attacks on our energy grid taking place live he told POLITICO ppIt is clear that these attacks come from the East the Russian Federation and nondemocratic countries he added These places he said have created special teams of people working on attacking the democratic states of the European Union cybernetically to cause havocppWere extremely concerned about the cyber threats and cyberattacks in the energy sector in the European Union Zyska saidppFor Birnbaum its all an indication that EU action is urgently needed Europes electricity networks are being increasingly digitized creating more potential openings for hackers he noted And the ongoing threat of physical damage to energy infrastructure a gas pipeline connecting Finland and Estonia ruptured just last month is compounded those concerns especially as winter arrivesppI think Europe can actually up their game here Birnbaum saidppA recent report by Europes cybersecurity agency ENISA also showed the energy sector ranked below sectors like transport health care banking and the wider ICT sector in terms of what IT spending went into cybersecurity ppThe problems are inevitable Birnbaum argued pointing to 1 million generators feeding into EONs German grids alone ppThe best protection against being attacked in the cyberspace is being analog he said but thats just not an option given new grid networks can only be operated maintained managed in a fully digital wayppAlready hackers are taking advantage Researchers at Googles Mandiant cybersecurity service tied a notorious Russian intelligence hacking group called Sandworm to an attack that disrupted Ukraines power grid late last year and then to another attack that hit nearly two dozen energy firms in Denmark in MayppThe global energy sector got a major wakeup call back in 2021 when US energy pipeline operator Colonial Pipeline faced a ransomware attack that forced it to take down its systems and caused massive disruptions to the countrys energy supplies for weeks ppEuropes grid operators share the concerns Damian Cortinas who chairs the board of the EUs electricity network association ENTSOE told a POLITICO event last week that tackling cyberattacks is an especially high priority for operators due to how interconnected Europes power systems are The EU needs to help countries that are the weakest links he saidppBrussels has taken steps toward protecting the blocs grids but glaring gaps remainppThe EU earlier this year imposed new cybersecurity requirements on critical sector companies including the energy sector under its NIS2 Directive which will become applicable in October 2024 The bloc also set up networks of private and public cybersecurity services in key sectors that are meant to improve sharing between countries on largescale digital assaults ppThe European Commission the EUs executive also presented new plans in September asking EU countries to better liaise on crossborder threats and strengthen cooperation with NATO after the apparent acts of sabotage that destroyed the RussiatoGermany Nord Stream gas pipelines last year ppBecause of Nord Stream 2 because of the Balticonnector FinnishEstonian pipeline because of whatever could happen its absolutely crucial Mechthild Wörsdörfer deputy director general at the Commissions energy department said at the same POLITICO eventppBut there is no 100 percent coverage she added By definition its quite difficultppThe challenge is that the operating systems used by Europes grids are up to 40 years old said Swantje Westpfahl director of the Institute for Security and Safety think tank meaning theyre very hard to patch if theres a problem Energy suppliers are often still figuring out how to secure both operations and information systems OT and IT and make sure they work with trusted partners in their supply chains ppEqually as grid networks increasingly digitalize its really hard to find cybersecurity experts to match the growing cyber risks Westpfahl added ppThe bloc has sectoral nonprofit organizations called ISACs including in the energy sector that share best practices cybersecurity threats among the blocs countries Westpfahl said But these are run by volunteers and would benefit from EU funding she saidppAnd thatll only get worse with growing geopolitical instability Conflict rallies people to a socalled cause she said and if they think theyre doing the right thing by attacking critical infrastructure then we have a problemppLog in to access content and manage your profile If you do not have an account you can register hereppppForgot your passwordppBy logging in you confirm acceptance of our POLITICO Privacy Policyp
Indepth reporting data and actionable intelligence for policy professionals all in one place pp
pp
pp
pp
pp
ppCyberattacks against the energy sector have spiked The sector needs to speed up chief officials say ppPress play to listen to this articleppVoiced by artificial intelligenceppBRUSSELS Thousands of cyberattacks have inundated Europes energy grid since Russias invasion of Ukraine and a top industry leader is calling for help as officials and researchers fret that not nearly enough is being doneppThe crooks are becoming better by the day so we need to become better by the day Leonhard Birnbaum the chief executive of EON one of Europes largest utilities said in an interview Im worried now and I will be even more worried in the futureppBirnbaum has reason to fret A recent report from the International Energy Agency found the average number of cyberattacks against utilities each week more than doubled between 2020 and 2022 worldwide with 1101 weekly attacks registered last year In the EU companies scrambled to hire cybersecurity experts in the month following Moscows assault on Kyiv the report noted indicating utilities were not fully preparedppPolish Deputy Energy Minister Ireneusz Zyska has seen it with his own eyes He recalled a recent visit to Polands grid operations hub buried three stories underground to protect it from nuclear attacksppI was observing thousands of attacks on our energy grid taking place live he told POLITICO ppIt is clear that these attacks come from the East the Russian Federation and nondemocratic countries he added These places he said have created special teams of people working on attacking the democratic states of the European Union cybernetically to cause havocppWere extremely concerned about the cyber threats and cyberattacks in the energy sector in the European Union Zyska saidppFor Birnbaum its all an indication that EU action is urgently needed Europes electricity networks are being increasingly digitized creating more potential openings for hackers he noted And the ongoing threat of physical damage to energy infrastructure a gas pipeline connecting Finland and Estonia ruptured just last month is compounded those concerns especially as winter arrivesppI think Europe can actually up their game here Birnbaum saidppA recent report by Europes cybersecurity agency ENISA also showed the energy sector ranked below sectors like transport health care banking and the wider ICT sector in terms of what IT spending went into cybersecurity ppThe problems are inevitable Birnbaum argued pointing to 1 million generators feeding into EONs German grids alone ppThe best protection against being attacked in the cyberspace is being analog he said but thats just not an option given new grid networks can only be operated maintained managed in a fully digital wayppAlready hackers are taking advantage Researchers at Googles Mandiant cybersecurity service tied a notorious Russian intelligence hacking group called Sandworm to an attack that disrupted Ukraines power grid late last year and then to another attack that hit nearly two dozen energy firms in Denmark in MayppThe global energy sector got a major wakeup call back in 2021 when US energy pipeline operator Colonial Pipeline faced a ransomware attack that forced it to take down its systems and caused massive disruptions to the countrys energy supplies for weeks ppEuropes grid operators share the concerns Damian Cortinas who chairs the board of the EUs electricity network association ENTSOE told a POLITICO event last week that tackling cyberattacks is an especially high priority for operators due to how interconnected Europes power systems are The EU needs to help countries that are the weakest links he saidppBrussels has taken steps toward protecting the blocs grids but glaring gaps remainppThe EU earlier this year imposed new cybersecurity requirements on critical sector companies including the energy sector under its NIS2 Directive which will become applicable in October 2024 The bloc also set up networks of private and public cybersecurity services in key sectors that are meant to improve sharing between countries on largescale digital assaults ppThe European Commission the EUs executive also presented new plans in September asking EU countries to better liaise on crossborder threats and strengthen cooperation with NATO after the apparent acts of sabotage that destroyed the RussiatoGermany Nord Stream gas pipelines last year ppBecause of Nord Stream 2 because of the Balticonnector FinnishEstonian pipeline because of whatever could happen its absolutely crucial Mechthild Wörsdörfer deputy director general at the Commissions energy department said at the same POLITICO eventppBut there is no 100 percent coverage she added By definition its quite difficultppThe challenge is that the operating systems used by Europes grids are up to 40 years old said Swantje Westpfahl director of the Institute for Security and Safety think tank meaning theyre very hard to patch if theres a problem Energy suppliers are often still figuring out how to secure both operations and information systems OT and IT and make sure they work with trusted partners in their supply chains ppEqually as grid networks increasingly digitalize its really hard to find cybersecurity experts to match the growing cyber risks Westpfahl added ppThe bloc has sectoral nonprofit organizations called ISACs including in the energy sector that share best practices cybersecurity threats among the blocs countries Westpfahl said But these are run by volunteers and would benefit from EU funding she saidppAnd thatll only get worse with growing geopolitical instability Conflict rallies people to a socalled cause she said and if they think theyre doing the right thing by attacking critical infrastructure then we have a problemppLog in to access content and manage your profile If you do not have an account you can register hereppppForgot your passwordppBy logging in you confirm acceptance of our POLITICO Privacy Policyp