NATO countries ‘determined to protect turbines and grids from sabotage, cyber warfare’

The NATO roundtable took place at NATO headquarters in Brussels, with WindEurope chief executive Giles Dickson in attendance, participating in a panel discussion on critical energy infrastructure at sea and wider energy security threats.

The panel focused on physical and cyber-security threats to offshore windfarms and undersea cables. It concluded hybrid attacks and sabotage remain the most pressing threats to undersea infrastructure in Europe. Mr Dickson also stressed the crucial importance of data security.

“Europe must strengthen its efforts to protect its growing offshore wind infrastructure from physical attacks and sabotage,” Mr Dickson told the meeting. “At the same time, we mustn’t underestimate the cyber and data security threats.

“There are 300 sensors on a modern wind turbine. The data from those sensors should be stored and analysed exclusively in Europe and friendly countries.”

The event came a week after NATO Foreign Ministers met in Brussels to address escalating campaigns of hostile actions in NATO countries. Presenting the results of that meeting, NATO secretary general Mark Rutte said, “Russia and China have tried to destabilise our countries and divide our societies with acts of sabotage, cyber attacks and energy blackmail.”

NATO Foreign Ministers also pointed to a sharp increase in such attacks. “There have been 500 suspicious incidents in Europe this year. Up to 100 of them can be attributed to Russian hybrid attacks, espionage and influence peddling,” said Czech Foreign Minister Jan Lipavsky.

At its 2023 Vilnius Summit, NATO agreed to establish a Maritime Centre for the Security of Critical Underwater Infrastructure (CUI) within NATO’s Allied Maritime Command. The CUI co-ordination cell became operational in 2023 and focuses on deterring and defending against the coercive use of energy and other hybrid actions. It also pools satellite surveillance of hostile vessels that may be interfering with energy infrastructure.

NATO Foreign Ministers’ meeting discussed increased information sharing, joint exercises, better protection of critical infrastructure and cyber defence, noting that wind is now 20% of all the electricity consumed in Europe and it is critical to strengthen Europe’s energy security, not least as it’s home grown and reduces the need for fossil fuel imports. According to WindEurope, wind energy it has produced this year has saved Europe the equivalent of 100 bcm of gas imports.

WindEurope highlights that the decentralised nature of wind energy – there are 107,000 wind turbines across Europe – makes it less vulnerable to sabotage and foreign interference than many other forms of energy and the German Army is now advising German companies to operate their own wind turbines.

“But wind and grid assets also need protecting. The physical threats to Europe’s wind, grid and other offshore energy infrastructure are real. So are the cyber and data threats to wind energy infrastructure, both onshore and offshore,” said WindEurope.

The many sensors on wind turbines that monitor the performance of different components produce huge amounts of data and provide the power to control the functioning of the relevant components and thereby the turbines. “It is essential to mitigate the inherent risks here and ensure maximum data security of Europe’s windfarms, and to protect them from cyber attacks. This requires encryption tools, secure SCADA systems, and EU-based data management solutions.

“The EU Cyber Resilience Act, the ‘NIS2’ Directive (the EU’s Cybersecurity Law) and the EU Network Code for Cybersecurity are crucial tools here. The EU Net Zero Industry Act also requires prequalification criteria in wind energy auctions on cyber and data security.”