synergy logo.png

The Deficit of the Digitalized Energy Sector: Cyber Threats - Büşra Öztürk

Long-term global and regional energy perspectives conducted jointly by the International Institute for Applied Systems Analysis (IIASA) and the World Energy Council (WEC) indicate that an increase of almost 190% is expected in energy consumption in the next century. This means that the energy demand will nearly double the current situation. The most important item of this consumption increase is expected to be renewable energy. In addition, a serious increment is expected in nuclear and natural gas. Moreover, to the increasing trend of primary energy sources, electricity consumption is expected to triple. The reason for this is the increase in the use of electrical devices, in other words, the widespread use of electrification systems, which means the usage of electricity as an energy source.

While the energy demand and consumption trend are increasing, the digitalization in energy is also on the rise with the use of various emerging technology systems such as artificial intelligence, IoT, and blockchain. For example, the increasing necessity for integrated technology is essential to meet the need for oil and natural gas demand by providing efficiency in fields that are difficult to produce, such as heavy oil fields and deep-sea fields. On the other hand, the request to increase efficiency and performance in energy and develop green energy technologies on the verge of environmental concerns leads to more digitalization in energy. The expected extraordinary increase in electricity consumption means further digitization of grid systems. In this sense, models with more automation supported by artificial intelligence are becoming widespread.

One of the biggest risks of digitalization in energy is increasing vulnerability to cyber-attacks. Cyber security is an issue that draws attention as the place of digitalization in our lives grows day by day. Since the energy sector is directly related to many sectors, it takes great attention to security. IBM Security Report represents that the sector that suffers the most cyberattacks in 2021 is the energy sector, specifically the electricity and oil industry. Attacks such as unauthorized entry, sabotage and blocking, data theft, locking the system, disrupting the flow, and theft with finance are organized in these areas.

Energy systems are critical systems that must be kept in balance. When some data structures are intervened, there are possible dangers such as malfunctioning the systems and crashing the entire network. This is because current systems are built with emergency closing mechanisms to prevent further damage in case of a possible earthquake. For example, the Shamoon virus infiltrated an oil refinery in Saudi Arabia, and the emergency shutdown button was activated. The spectrum of cyber-attacks is also expanding day by day. Nowadays, instead of a direct system shutdown attack to stop production, it is aimed to weaken the product quality by changing production software and recipes. It is observed that this decrease in quality causes more financial damage than stopping production because it affects international trade agreements.

To provide cyber security in energy projects, there exist some strategies. First, a safety culture must be established to ensure that the steps taken during production are periodically reviewed and that the change in the resulting tests is detected. To achieve this, the information can be exchanged with stakeholder companies doing business in cyber security. As a result of the implementation of this strategy, it is expected that there will be a synergy between all energy sector stakeholders in the field of cyber security applications. Another strategy is to improve incident management, developing detection, remediation, and recovery activities. Implementation of this strategy allows rapid return to normal activities and minimizes the impact of the attack on energy distribution and transmission systems.

In summary, energy is a major infrastructure that rapidly develops and digitizes with advancements in technology. With the help of digitalization, it is aimed to meet the increasing energy demand in an environmentally friendly and more profitable way. However, combining energy systems with digitalization easily brings various attack risks. In this sense, it is important to cooperate with other institutions working in energy and cyber security to protect production systems and minimally affect distribution systems in case of attack. Especially since the energy sector is directly related to many industries and is one of the most fundamental areas of a country, it is critical to be resilient to cyber threats.