Moody’s shares data on global energy sector’s cyber-attack resilience

Oil&Gas Materials 25 April 2022 15:49 (UTC +04:00)
Moody’s shares data on global energy sector’s cyber-attack resilience
Maryana Ahmadova
Maryana Ahmadova
Read more

BAKU, Azerbaijan, April 25. Global electric utilities have shown high levels of cyber-attack preparedness as of 2020 survey, Trend reports via the research from Moody’s Investors Service.

According to the Moody's 2019 cyber heat map, the electricity utility sector has been identified as a key target for cyber-attack, and the recent attack on Ukraine’s power grid shows that another one, especially on the EU countries, is not an exception and is quite likely, Moody’s said.

While the further growth of the EU interconnector is planned, the increased risk of cyber-attacks impacting multiple countries may lead to energy imbalances across borders, the researchers noted.

Meanwhile, European authorities have requested to raise the minimum level of cybersecurity preparedness for operators of critical national infrastructure, such as electricity and gas networks.

The continued growth of intermittent renewable electricity generation, distributed generation, cross-border flows and new sources of demand, including electric vehicles and heat pumps, will further complicate electricity operation, the research said.

According to Moody’s, this has led to the fact that system operators, usually being a separate transmission system operator (TSO) power supply division, use a wider range of tools to balance the power grid and maintain network reliability, for example, by purchasing a larger and wider range of support services from market participants.

However, this increases the number of access points for the cyber attacker to direct his attack on the network management system. This also makes it difficult to analyze the root causes of malfunctions, especially the detection of manipulations, the researchers noted.

So, since the 2020 survey, several networks made management changes, including changing the reporting structure to provide the company's board of directors with a clearer understanding of cybersecurity protection measures and incident reporting, Moody’s said.


Follow the author on Twitter: @mariiiakhm