Fact Check: Wind plant owners are leaders in cyber-security and grid reliability

Renewable energy is a hot topic, and that is generally a good thing. However, it can be a double-edged sword when a reporter attempts to spice up a storyline on an unrelated topic by attempting to somehow tie it to renewable energy.

A prime example is a recent article by Bloomberg News focused on the potential for cyber-attacks on the power system, a few attempted attacks that have occurred so far, and the steps that electric utilities are taking to thwart them. Cyber-security in the energy industry is an important news story, but it is a far larger topic that has little to nothing to do with renewable energy, aside from the obvious fact that renewable energy is part of our energy mix. Surveying the hundreds of pages of documents from the nation's electric reliability regulators and other experts outlining the top cyber-security concerns on the grid, renewable energy resources do not appear to ever be singled out as a primary area for concern.

In fact, aside from a single quote and a single tangential mention that is dissected below, renewable energy is not even discussed in the body of the Bloomberg article. Nevertheless, the three introductory paragraphs of the article are entirely focused on a supposed link between the growth of renewable energy and these cyber-security concerns, even though the body of the article never even attempts to establish a factual basis for that supposed link.

The Reality: Wind plants are leaders in cyber-security

In reality, wind plant owners and operators employ some of the most sophisticated cyber-security defenses in use in any industry. All modern power plants of any fuel type are connected to grid operators and plant operators by supervisory control and data acquisition (SCADA) communications systems, and wind plants are no different. Almost all wind plants are utility-scale installations that are connected to the high-voltage power system through a single plant-level power substation, so they are no different from any other type of power plant in that regard. In addition, the sophisticated power conversion equipment in wind turbines (which itself is very secure) provides a buffer between the generator and the bulk power system that is absent in almost all other types of power plants. This equipment protects against abnormal voltage and frequency deviations, and thus provides an additional firewall against an ill-intentioned cyber-attacker.

Power plant communications systems and control centers, for wind plants and other types of power plants, are subject to strict security standards governed by the two entities responsible for electric reliability in the U.S., the Federal Energy Regulatory Commission and the North American Electric Reliability Corporation. These standards evolve over time, and now include strict requirements for cybersecurity. For any type of power plant, information sent over these SCADA communications systems is protected using state-of-the-art encryption. For wind plants, this information is typically sent to the wind plant operator’s national or international control center, which also employs strict security measures that are comparable to those used by grid operators.

Wind and other power plant owners already have a strong financial incentive to ensure that these communication networks are secure. In addition to the obvious economic harm that a hacker could do to their own plant through sabotage, information about wind plant output and wind turbine status is extremely commercially sensitive as it could be used by any competitor in the energy sector for competitive advantage.

Moreover, given the small size of individual wind plants, wind energy would be a poor choice for a hacker intent on disrupting the power system. Based on their size alone, large conventional power plants pose a much greater risk for an attack aimed at causing a destabilizing loss of generation, as demonstrated by the fact that all blackouts and major electric reliability events that have occurred around the world have been caused by the loss of conventional generation or its supporting transmission infrastructure, and none caused by the loss of renewable energy.

Missing the point

Returning to the Bloomberg article, how did the reporters jump from this reality to the claim that the growth of renewable energy is directly linked to the rise of these cyber-security concerns? The primary source for the Bloomberg article appears to be a recent blog post by computer security firm Symantec about a recent attack by a group of attackers known as “Dragonfly.” That blog post describes the attack in great detail, but the only mention of renewable energy comes in a single anecdote near the end. Out of the more than 1,000 companies that have been infected and more than 10 that were specifically targeted by the Dragonfly attack, the Symantec blog post describes three companies that were attacked. One of those companies happens to do some work in the renewable energy sector, in addition to work on “other energy infrastructure” and for “a number of industrial sectors.”

Thus, the basis for the Bloomberg article’s claim appears to be the unremarkable fact that one of the more than 1,000 companies affected by the cyber-attack does some share of its business in the renewable energy sector. It would have been far more surprising if a cyber-attack that has affected more than 1,000 energy companies did not affect at least one company that has some involvement in the renewable energy industry. Fortunately, the aggressive steps wind energy companies and other power plant owners have taken to combat cyber-security threats are reducing the risk they pose to grid reliability.