Cyber Vulnerability in Wind Turbines

It has been reported that a wind turbine which is deployed across the energy sector worldwide has been hacked.  Due to a software bug, an attacker can get the user name and password from the browser.  This can allow admin rights to the whole system.

Why is this important?

Any vulnerability in IT systems allows attackers to access data unlawfully.  It is also a good example of how easy it is to end up with a cyber risk on your hands in critical national infrastructure.  The EU is planning a new Cyber Directive to strengthen the security obligations on “market operators” of “critical infrastructure”.  While it is great to have a Digital Agenda for cyber risk in Europe, the real issue is trying to ensure that system vulnerabilities are avoided.  We have done this for years in major IT systems.  The same thinking needs to be applied to new Internet-enabled devices and objects.  Then think about data leaks with wearable tech…!

Nick Graham

About Nick Graham

Nick Graham is the Global Co-Chair of Dentons' Privacy and Cybersecurity Group. He specialises in data privacy, cybersecurity, information governance. Nick advises across all sectors including retail, telecoms, energy, manufacturing, banking, insurance, transport, technology and digital media.

Full bio