Move fast, but smart toward a healthier, more independent energy future.
When an invisible enemy attacked Colonial’s Pipeline’s oil distribution system, your average person on the East Coast noticed. It affected their plans, their budget, their time. Suddenly, people want to know how and why hackers gained access to the central system that digitally monitors pumps, flow, pressure sensors, thermostats, and pretty much everything else. Justifiably, many folks might ask, “Well, why are such sensitive controls not kept offline?” The short answer? Because we have arrived at the age of the Internet of Things (IoT), and life is only going to become more digital from here on in. The real question is, as we race to become a country dependent on clean energy, are we going to be smart about it? The speed in getting there, while critical, isn’t as important as keeping new infrastructure safe and sound. At best, hacker rings and other countries can create minor energy disruptions. At worst, we might endure life-threatening disasters. It’s enough to make a person want to live off the grid. But we’ll get to that later.
Ransomware on the rise.
Colonial Pipeline fell victim to a ransomware attack, which you could call a virtual kidnapping. Perpetrators find a way to infiltrate a company’s computer system with malicious code that locks up processes and/or encrypts the company’s data. To unlock data, they want money (often cryptocurrency) to give back control. No payment? Even if a company manages to unlock systems on its own, the hackers still have data they can release, sell, or use to further sabotage.
Was Colonial Pipeline prepared for this scenario? According to The Associated Press, a six-month audit by an outside consulting company in January 2018 revealed faulty information practices and poorly secured systems. Robert F. Smallwood, an employee of the consulting firm, was quoted as saying, “I mean an eighth-grader could have hacked into that system.”
How much had Colonial Pipeline done to address the problems? The company says that, since 2017, it has hired four independent firms for cybersecurity risk assessments and increased its overall information technology spending by more than 50%.
Blame can be cast wherever you like, but cybersecurity issues are an ever-changing challenge that demands ever-evolving tactics to stay ahead of threats.
Challenges to effective cybersecurity for the growing clean energy industry.
How frequently do companies fall prey to cybercriminals? Also reported by The Associated Press, cybersecurity firm Emsisoft claims 100 federal, state, and municipal agencies, over 500 health care centers, 1,680 educational institutions, and thousands of businesses have suffered ransomware attacks in 2020 alone.
If we’re going to push for the best clean energy industry possible, where should companies focus their attention on preventing these attacks?
Lean into the growing pains of the IoT: The World Energy Council says, “The digitalisation of the energy industry will continue. As the industry relies more on interconnectivity, the potential for cyberattacks to cause severe disruption to operations, loss of data, and financial losses should remain a key concern for energy executives.”
Energy companies need to prioritize allocating resources toward cybersecurity consultants and implement their suggestions. As digital technologies advance, protecting assets is a never-ending cycle of staying abreast of cybersecurity tech ahead of cybercriminals. Constant monitoring for new risks via open-source threat intelligence is key.
Thoroughly vet collaboration: Streamlined customer service is not the only reason companies place systems online. According to Politico’s E&E News, Former Assistant Secretary of Defense for Homeland Defense, Paul Stockton has said, “To help fight climate change, it’s absolutely vital that we increase our reliance on variable generation, above all solar and wind, and ensure that developers, including distributed energy resources, have the data that they need to design and advance their project. Sharing data is absolutely vital to this progress. The question is how do we share that data in a way that’s secure?” 
How indeed? In an article for Power Engineering, Vinnie Savino of LookingGlass Cyber Solutions suggests companies adequately evaluate suppliers and vendors. “Ask questions to identify their potential exposure areas, technical controls to data and systems, network segmentation practices and authentication tools used. After determining cybersecurity practices and enforcement capabilities a baseline can then be set for continuous partner monitoring, protecting sensitive data from unauthorized access that might result from gaps in extended parties’ and partners’ security infrastructure or from networks.”
Educate Employees: Security breaches can happen in the simplest of ways—as simple as one person falling for a phishing or ransomware attempt. You know … just like at home! Proper training can lessen the risk.
Freedom from Energy Disruption.
Utility disruption due to criminal activity or worsening climate challenges (think Texas), is a reality and likely will be for years to come. Want a comfortable alternative? The future of comfortable living is energy independence. As a country, it might be a while before we achieve it. As an individual, you can put the wheels in motion today to live partially or completely off the grid.
After the upfront costs of building or adapting your home, energy bills become minimal or non-existent. Depending on your location and preferences, solar arrays, wind turbines, or hydro-powered electric are your power options. Heating, cooling, and healthy indoor air are achievable through balanced mechanical ventilation by way of a high-efficiency Energy Recovery Ventilator. Whether you simply want to know you have a backup when local utilities go down or intend to live in a completely self-sufficient home, you’ll need to do your research. Consult contractors or professional engineers to guide you in understanding and achieving LEED or Passive House standards.
The key takeaway is this: If your residential or commercial property is net-zero or carbon-neutral, you can add an inverter or power storage via battery and operate off the grid. Disruption to public service utilities becomes a non-event. In fact, many states have introduced microgrid bills and the number of community smart microgrids is only growing. The grid failure in Texas served as a reminder that climate change, not just hackers, is also a growing threat to power flow.
Want to pick the brains of a company that retrofitted a 656,000-sq.ft. industrial complex to create more power than it used (net zero)? Give Haglid Engineering a call! We’re passionate about the subject and exist to provide comfortable living through energy independence!