Since 2022, one of the most consistent tactics adopted by Russia in its invasion of Ukraine has been the express targeting of the country’s power grid. Ukrainian energy facilities have been battered, with frequent blackouts across the country. President Zelensky announced earlier this year that Moscow had destroyed half of Ukraine’s electricity-generating capacity.
Hackers were able to use malware to cover their tracks – but with robust cybersecurity, this can be prevented. Some renewable energy companies in Europe, including Norway’s Hydro, have already bolstered their cyber-defence infrastructure. It’s time to UK did the same.
Our energy industry has been in the headlines for different reasons in recent months: it’s finally pivoting towards a greener future. Ratcliffe-on-Soar power station, the UK’s last remaining coal-fired power station, has now shut – ending our 142-year reliance on the fossil fuel. The Government also recently announced the Spherical Tokamak for Energy Production (STEP) Programme, the UK’s prototype nuclear fusion plant: a shining example of this new chapter we are entering.
Britons are world leaders in nuclear fusion – the process of combining two small atoms into a larger one, thereby releasing an abundant source of energy. It is one of the most efficient energy sources out there. This could revolutionise the way businesses and cities are powered through the grid: but it’s vital we protect the industry from hostile actors.
In March, Cyber Energia revealed that UK renewables companies faced up to 1,000 attempted cyberattacks per day and that only 1% of wind energy firms have adequate cyber protection. Last week, Sellafield, the nuclear waste site in Cumbria, was found to have left vital nuclear information exposed for four years because their servers were vulnerable to cyber-attacks. Rotem Farkash, a cybersecurity expert recently said that “energy infrastructure is one of the most targeted sectors for cyberattacks, especially as the infrastructure becomes more valuable.”
And nuclear fusion is no exception: “Nuclear fusion will be a massive target for adversaries”, Farkash continued. “Sustaining and increasing investment in cybersecurity infrastructure is critical to the UK’s long-term security.” STEP Chief Executive Sir Mark Chapman notes that current renewable energy sources are ill-equipped to defend from cyberattack because they are reliant on outdated infrastructure.
What can be done? Nuclear fusion can be better protected by military-grade cyber-security software: and the solution, as with many such things, is AI.
AI can accelerate processes to test, verify, authenticate and regulate software before it launches. Equally important is the matter of data protection: AI can help prevent sensitive information from being stolen; immediately identifying suspicious activity and alerting security teams to act. Moreover, AI can assist in the ‘compartmentalisation’ of data, where some information would be off limits to those without authorisation, limiting the ability of hostile actors to cause widespread damage.
Whatever the desired strategy, this new chapter presents opportunities and challenges. London is the world’s centre for green financing, home to the country’s leading energy firms and over 1,500 cybersecurity firms. Our capital will have a central role to play in safeguarding our infrastructure.
As we stand on the precipice of a new chapter in our energy history, the focus point has shifted from the coalfields of County Durham to the offices of a smart City cybersecurity firm. It’s time our energy debate recognised the new reality of energy policy.
Matthew Griffin is the Founder and Futurist in Chief of the 311 Institute, and author of the “Codex of the Future” series.