Senior Sales Manager Energy
Phone +49 30 726112-0
Reports of unauthorized access to data that belongs to energy suppliers are not just isolated events. Even more worrying is the fact that this is an international phenomenon.
Since April 2013, the Dragonfly hacker group has been targeting energy suppliers, mainly in the United States and Spain. In Austria, the gas grid server of the energy company Energie Steiermark was attacked.
In Germany, energy utility Stadtwerke Ettlingen made headlines when a project with the well-known hacker Felix “FX” Lindner revealed that it was possible to hack into the utility’s control room. Managing Director of the utility Eberhard Oehler took part personally in the experiment, having already made security a matter for top management.
Many smaller utilities don’t put the same emphasis on IT that the big energy providers do. In light of the increasing digitalization of the energy industry, however, it is absolutely necessary for everyone – including the small players – to engage with the issue of security and make it a priority for top management.
Yet some of the findings that emerged from the simulated attack on the Ettlingen energy utility were positive and quite encouraging. Although the hacker managed to get into the control room, he was unable to retain control for long. This was because the detectors and protection mechanisms used in many places are quick to identify irregularities and are able to prevent them through targeted interventions.
Germany has committed itself to a greener, more sustainable energy economy, a transition that requires the installation of smart meters. These are often considered potential weak points for hacker attacks. However, unlike many other countries that already use this technology, Germany has taken an additional step. Its Federal Office for Information Security (BSI) has introduced the role of Smart Meter Gateway Administrator and defined numerous technical guidelines to protect systems and data. Medium-sized and smaller utilities generally do not have the organizational and financial means to build up their own infrastructure in accordance with these guidelines. However, they can still fulfill their role as Smart Meter Gateway Administrator – by using special software as a service (SaaS) offers, for instance – and thereby satisfy the toughest security requirements.
There are many options available to companies that want to improve their data security and data protection. Germany will no doubt play a leading role here, and not just in terms of the transition to a green energy economy. It will also be a pioneer in data security for smart metering and smart grids – and will be used by many other countries as a benchmark.