Follow us

At this year’s Black Hat, a leading information security conference held in Las Vegas, cyber security researchers exposed new vulnerabilities in industrial control systems and warned that malware (including ransomware) could force companies to have to choose between expensive downtime and the potentially less expensive option of paying a cyber attacker’s ransom.Against this background, a researcher from Tulsa University was granted permission to penetrate and test the security of five different wind farms across the US. He found the same vulnerabilities across multiple wind farms, which included easy-to-guess or default passwords, weak and insecure remote management interfaces and no authentication or encryption of control messages. The researcher also found that if an individual gained physical control of one turbine he could control the entire wind farm and this proved surprisingly easy as he gained physical control of a turbine by picking a simple lock and plugging a Raspberry Pi minicomputer into the network. Once into the system cyber attackers can immobilise turbines, suddenly triggering their brakes to potentially damage them, and even relay false feedback to their operators to prevent the attack from being detected.

The team built three examples of how wind farms could be attacked. This includes malware that could, send commands to other turbines on the network which can then disable those turbines, spread from one automation controller to another across the entire farm and permit man-in-the-middle attacks in respect of the operators' communications with the turbines.

Although the researchers only switched off one wind turbine at the time, a malicious user could have the ability to switch off an entire wind farm. The ease with which the researchers were able to do this highlights an important (and potentially devastating) cyber security issue that wind companies will need to consider. In particular, as wind power grows as an important source of electricity, wind farms may well become a more attractive target for those looking to disrupt and garner attention.

Indeed the Annual Incidents report 2016, issued by the European Union Agency for Network and Information Security (“ENISA”), found that that malware causes the longest lasting incidents. This report reiterates, yet again, the disruptive and sector agnostic effect of cyber-attacks and the need to implement appropriate security protocols.

Miriam Everett photo

Miriam Everett

Partner, Global Head of Data Protection and Privacy, London

Miriam Everett
Nick Pantlin photo

Nick Pantlin

Partner, Head of TMT & Digital UK & Europe, London

Nick Pantlin
Andrew Moir photo

Andrew Moir

Partner, Intellectual Property and Global Head of Cyber & Data Security, London

Andrew Moir
Claire Wiseman photo

Claire Wiseman

Professional Support Lawyer, London

Claire Wiseman

Related categories

Key contacts

Miriam Everett photo

Miriam Everett

Partner, Global Head of Data Protection and Privacy, London

Miriam Everett
Nick Pantlin photo

Nick Pantlin

Partner, Head of TMT & Digital UK & Europe, London

Nick Pantlin
Andrew Moir photo

Andrew Moir

Partner, Intellectual Property and Global Head of Cyber & Data Security, London

Andrew Moir
Claire Wiseman photo

Claire Wiseman

Professional Support Lawyer, London

Claire Wiseman
Miriam Everett Nick Pantlin Andrew Moir Claire Wiseman