Last year, 93.1% of all electricity generated in Brazil came from renewable sources; in March the energy sector was the fifth most attacked by cybercrime
In a hacker attack targeting wind farms, it is possible to manipulate the turbines, change their speed and even cause an explosion, by braking them and heating the brakes until they catch fire. This is just one of the possibilities of attacks on energy distribution systems widespread throughout Brazil, as warned by expert Rafael Narezzi, founder of Cyber Energia. According to him, a situation like this, on a large scale, could bring disruption to society, generate energy balance problems in the country and even cause a blackout.
Last year, more than 93.1% of all electricity generated in Brazil came from renewable sources, such as solar, wind, hydroelectric and biomass, as shown in the graph study on the Commercialization of Electric Energy (CCEE). Data Cyber threat report presented by Trellix They also show that in the first quarter of last year, the energy sector was the target of 5% of attacks globally.
The expert explains that as the demand and use of clean energy increases, concerns about the safety of these operations also increase. “Decentralising the way we generate energy is good, but you have to consider that it will increase the surface area for hacker attacks, as there will be more targets. A hydroelectric power plant, for example, is a single target, but a wind farm has several towers. And again There are no standards or regulations for the owners of these systems.”
In 2021, the world witnessed the US government declare a state of emergency in some regions after a cyber attack suffered by Colonial, the largest gas pipeline network in the US. The network was completely disconnected and more than 100GB of information was stolen from the company’s pipeline, which was carrying millions of barrels per day, essentially 45% of the U.S. East Coast’s supply of diesel, gasoline and kerosene. “Imagine something of this magnitude happening here, in Brazil, with the use of clean energy,” he comments.
Rafael explains that although progress in the use and implementation of renewable energy by public and private sector companies and society at large depends on digital technology, this transition must be made with caution. “Investing in technology does not necessarily mean investing in security, as digital transformation tends to be faster than protecting wind or solar farms, for example, so this difference can generate risks and exposures.”
According to him, the big problem is that security is considered the last pillar of clean energy implementation planning, which in case of attacks can cause serious losses to companies. “Automation and the Internet of Things (IoT), for example, can be crucial for the correct monitoring, optimization, production and distribution of energy, increasing operational efficiency and generating even greater resource savings,” he explains Narezzi, who now wants to bring the methodology used in Cyber Energy to Brazil.
Europe, for example, already has a cybersecurity regulation, called NIS2, approved at the end of 2022, so that entities can increase the level of protection against cyber attacks. According to the legislation, European Union countries have up to 24 months to comply with the agreement, which aims to improve enforcement of standards and increase resistance to attacks by public and private companies. Some of the sectors that will be subjected to this regulation are healthcare, telecommunications, banking and energy. “With the NIS, the director will be responsible for the attacks and could lose his job, as well as being responsible for negligence. The company could also lose its operating license and suffer a fine, with serious financial consequences,” says the expert.
In Brazil, at the end of last year, the National Cybersecurity Policy was established, which has among its objectives the development of regulation, inspection and control methods to improve national cybersecurity. “We need to give visibility to the issue and ensure that the customer has governance, understands the security perimeter it must have and the risk associated with it,” says Narezzi, reiterating the work of CFP Cyber Energia to carry out the mapping of all risks turbine computer scientists, as well as protecting everything from energy production to distribution.
Then, bring the customer a comprehensive newsletter with points of improvement, changes and shows what is already security compliant. “We are here to ensure cybersecurity in the renewable energy sector so that the company is compliant with Nis 2.0. Our goal is to bring this protection and experience to companies that generate and distribute wind energy in Brazil, so that clean energy comes to a safe and sustainable way for an ever-increasing number of places and regions”, concludes Rafael Narezzi.
Website: https://www.cyberenergia.com/
Source: Terra
Rose James is a Gossipify movie and series reviewer known for her in-depth analysis and unique perspective on the latest releases. With a background in film studies, she provides engaging and informative reviews, and keeps readers up to date with industry trends and emerging talents.
