Electricity

Cyberattacks in energy sector doubled from 2020 to 2022

eurelectric cybersecurity measures study

Photo: Cliff Hang from Pixabay

Published

November 22, 2024

Country

Comments

comments icon

0

Share

Published:

November 22, 2024

Country:

Comments:

comments icon

0

Share

Cyberattacks in the energy sector have doubled from 2020 to 2022, increasing the risk of blackouts, disruptions and significant societal issues, according to Eurelectric’s latest report on cybersecurity.

In a new paper on cybersecurity in the energy sector, the organization advised the European Union to ensure consistent and harmonized implementation of the regulation, foster a skilled cybersecurity workforce, facilitate the necessary investments and promote collaboration.

The International Energy Agency has estimated that the attacks more than doubled between 2020 and 2022, with a record of 1,101 events on a global scale in 2022 where utilities were targeted, the authors note.

Since 2022, energy sector cybersecurity center EnergiCERT counted 48 publicly known attacks against European energy companies including supply, 31 ransomware attacks, of which almost half with data theft, and 15 affecting networks’ operational technology.

More than 20 cyberattacks on European energy utilities in 2022 were successful

Out of all geographical targets, attacks on EU countries rose from 9.8% to 46.5% during the first six months of 2023. More than 20 successful cyberattacks took place towards European energy utilities in 2022, according to EnergiCERT.

The publicly available data is not comprehensive due to the sensitivity of the topic, Eurelectric stressed.

Europe’s cybersecurity agency ENISA recently pointed out that the EU energy sector, in par with the banking sector, is investing more in information security measures than in sectors such as healthcare, transport and drinking water utilities.

eurelectric cybersecurity measures investments per sector

However, globally and across sectors, the EU is investing less in information security than North America and Asia-Pacific, the paper underlines.

Eurelectric said improving ICT systems requires not only larger investments but also a proficient and skilled workforce. In 2022, the European Commission estimated the shortage of cybersecurity professionals in all sectors in the EU at between 260,000 and 500,000, while the EU’s cybersecurity workforce needs were estimated at 883,000 professionals.

The EU has a multitude of legislative dossiers and institutions in place on cybersecurity

The EU has extensive legislation and certification schemes relevant to ensuring a protected power sector. The main and first cross-sectoral legislation is the Directive on Security of Network and Information Systems (NIS Directive), which was adopted in 2016 and recently updated as NIS 2.

In the previous EU legislative term, several pieces of cybersecurity legislation were published or proposed. The main regulation can be summarized as the amendments to the Cybersecurity Act, the Cyber Resilience Act (CRA), partly the Cyber Solidarity Act (CSA) and the Network Code on Cybersecurity (NCCS).

There are as many as 12 enforcement mechanisms and agencies involved in ensuring cybersecurity across Europe. There are three subcategories: EU institutions, advisory bodies and networks of member states, the paper reads.

Eurelectric called on policy creators to implement several measures:

  1. Foster a skilled workforce and facilitate investments
  2. Allow time for implementation – avoid new regulation unless absolutely necessary
  3. Put cybersecurity at the top of the agenda by improving collaboration.
Comments (0)

Be the first one to comment on this article.

Enter Your Comment
Please wait... Please fill in the required fields. There seems to be an error, please refresh the page and try again. Your comment has been sent.

Related Articles

serbia wind farm plandiste nis met dubravka djedovic

Government of Serbia interested in taking over Plandište wind project

25 July 2025 - Plandište is one of the projects that obtained feed-in tariffs under the first quota of 500 MW for wind power plants in Serbia

Project 81 MW solar park on coal mine in Montenegro

Project underway for 81 MW solar park on coal mine in Montenegro

24 July 2025 - The Government of Montenegro gave a provisional green light for a solar power plant of 81.1 MW in peak capacity on coal land in Pljevlja

croatia rp global novalja solar ebrd loan

RP Global gets EUR 12.2 million loan for Novalja solar project

24 July 2025 - In late April, Austrian company RP Global began the construction of the Novalja PV plant at the Zaglava site on the island of Pag

solarpower europe report 2025

EU faces first annual solar installation decline since 2015 – report

24 July 2025 - The EU is set to install less new solar in 2025 than it did in 2024 - the first annual drop in a decade, according to SolarPower Europe