With the migration to renewable energy sources on the rise, their role in the overall national power supply has become critical. As such, renewable energy firms’ automation (SCADA, IIoT) systems have become a primary target for hackers, including well-funded state-sponsored hacker groups.
Renewable power plants are usually located in remote, isolated areas, and they tend to have a complex composition of stakeholders, including the plant owners (who usually operate several sites), the system integrator in charge of ongoing operation and maintenance, and the power utility that purchases the electricity.
Adding to the complexity is the interconnectedness of DER (distributed energy resources) grids, which introduce network risk to renewable energy plants from across the entire distribution system.
In addition, renewable energy operators are subject to a host of security and environmental regulations. It’s not surprising, then, that despite the technological advances and innovation, renewable energy operators have yet implemented adequate OT network protection and risk mitigation measures.