The mounting cyber threat to power infrastructure

The power sector isn't immune from rising levels of cyberattacks, and utilities face "serious difficulties" finding and retaining workers to defend against them, a new analysis finds, Ben writes.

The big picture: A new International Energy Agency commentary notes that power companies have become increasingly digital.

• This has plenty of upsides for everything from plant management to better integrating renewables and storage.
• But it also increases exposure to cyberattacks, which have recently disabled remote wind farm controls and breached consumer data, to name two effects, IEA said.

State of play: The IEA analysts acknowledge data limitations, but overall there's mounting evidence rapidly rising attacks since 2018.

• They reached "alarmingly high levels in 2022 following Russia's invasion of Ukraine."

Threat level: The attacks tend to trigger a hiring rush, which suggests "lack of long-term strategy or planning in the past."

• And recruiting and retention is a problem. That's due to high demand for cyber pros, comparatively lower wages for power sector cyber experts relative to other industries, and specific skillsets needed, IEA said.

The bottom line: Utilities need to make cybersecurity a "core element of their business strategy," and smaller players may need additional backing from policymakers and regulators, the analysts said.

Full analysis.