Electricity

Cyberattacks in energy sector doubled from 2020 to 2022

eurelectric cybersecurity measures study

Photo: Cliff Hang from Pixabay

Published

November 22, 2024

Country

Comments

comments icon

0

Share

Published:

November 22, 2024

Country:

Comments:

comments icon

0

Share

Cyberattacks in the energy sector have doubled from 2020 to 2022, increasing the risk of blackouts, disruptions and significant societal issues, according to Eurelectric’s latest report on cybersecurity.

In a new paper on cybersecurity in the energy sector, the organization advised the European Union to ensure consistent and harmonized implementation of the regulation, foster a skilled cybersecurity workforce, facilitate the necessary investments and promote collaboration.

The International Energy Agency has estimated that the attacks more than doubled between 2020 and 2022, with a record of 1,101 events on a global scale in 2022 where utilities were targeted, the authors note.

Since 2022, energy sector cybersecurity center EnergiCERT counted 48 publicly known attacks against European energy companies including supply, 31 ransomware attacks, of which almost half with data theft, and 15 affecting networks’ operational technology.

More than 20 cyberattacks on European energy utilities in 2022 were successful

Out of all geographical targets, attacks on EU countries rose from 9.8% to 46.5% during the first six months of 2023. More than 20 successful cyberattacks took place towards European energy utilities in 2022, according to EnergiCERT.

The publicly available data is not comprehensive due to the sensitivity of the topic, Eurelectric stressed.

Europe’s cybersecurity agency ENISA recently pointed out that the EU energy sector, in par with the banking sector, is investing more in information security measures than in sectors such as healthcare, transport and drinking water utilities.

eurelectric cybersecurity measures investments per sector

However, globally and across sectors, the EU is investing less in information security than North America and Asia-Pacific, the paper underlines.

Eurelectric said improving ICT systems requires not only larger investments but also a proficient and skilled workforce. In 2022, the European Commission estimated the shortage of cybersecurity professionals in all sectors in the EU at between 260,000 and 500,000, while the EU’s cybersecurity workforce needs were estimated at 883,000 professionals.

The EU has a multitude of legislative dossiers and institutions in place on cybersecurity

The EU has extensive legislation and certification schemes relevant to ensuring a protected power sector. The main and first cross-sectoral legislation is the Directive on Security of Network and Information Systems (NIS Directive), which was adopted in 2016 and recently updated as NIS 2.

In the previous EU legislative term, several pieces of cybersecurity legislation were published or proposed. The main regulation can be summarized as the amendments to the Cybersecurity Act, the Cyber Resilience Act (CRA), partly the Cyber Solidarity Act (CSA) and the Network Code on Cybersecurity (NCCS).

There are as many as 12 enforcement mechanisms and agencies involved in ensuring cybersecurity across Europe. There are three subcategories: EU institutions, advisory bodies and networks of member states, the paper reads.

Eurelectric called on policy creators to implement several measures:

  1. Foster a skilled workforce and facilitate investments
  2. Allow time for implementation – avoid new regulation unless absolutely necessary
  3. Put cybersecurity at the top of the agenda by improving collaboration.
Comments (0)

Be the first one to comment on this article.

Enter Your Comment
Please wait... Please fill in the required fields. There seems to be an error, please refresh the page and try again. Your comment has been sent.

Related Articles

Romania calls agricultural food firms apply solar wind power grants

Romania calls agricultural, food firms to apply for solar, wind power grants

25 December 2024 - The Agency for Financing Rural Investments (AFIR) has EUR 150 million in grants for photovoltaic and wind power in Romania

republic of srpska gacko ugljevik coal power

Republic of Srpska doesn’t have EUR 357 million to maintain production in coal power plants

24 December 2024 - Minister Petar Đokić held a meeting with the boards of directors and supervisory boards of coal complexes Gacko and Ugljevik

IPTO completes Attica Crete subsea interconnection Ariadne

IPTO completes Attica-Crete subsea interconnection Ariadne

24 December 2024 - Greece's IPTO started partial tests of the Ariadne interconnector between the mainland grid and Crete. The link has 1 GW in capacity.

Romanian Minister of Energy Sebastian Burduja reappointed

Romanian Minister of Energy Sebastian Burduja reappointed

24 December 2024 - Minister of Energy Sebastian Burduja remained in his seat following the recent general elections in Romania. He promised continuity and an acceleration in investment.