ENCS and ENTSO-E join in fight against energy cyber attacks

ENCS and ENTSO-E have signed a MoU to develop cyber security regulation, practices and standards for the electricity system.
Published: Thu 22 Jun 2017

Brought to you by:


The European Network for Cyber Security (ENCS) in the Netherlands and the Brussels-based European Network of Transmission System Operators for Electricity (ENTSO-E) have formed a tighter collaboration in a bid to increase Europe’s power system resilience against cyber attacks.

ENCS is providing ENTSO-E with technical information and support on cyber security issues while ENTSO-E will give insights into the European transmission system and the challenges faced by its operators.

Collective expertise to meet cyber security threats

“As a membership organisation, our strength is in the huge collective experience and knowledge spread across our member base,” explains Anjos Nijk, Managing Director, ENCS, in a statement.

Nijk adds: “That’s what we bring to bear on solving Europe’s smart grid cyber security challenges. By collaborating with ENTSO-E, we gain visibility and insight from a wider and deeper pool of experts, and they can begin to benefit from the expertise we’ve developed."

According to Laurent Schmitt, Secretary General, ENTSO-E, the energy landscape is in a period of transition and one of the biggest changes is the “ever-mounting cyber security challenge”.

Energy cyber security threats on the rise

This collaboration agreement follows a series of hacking and security training programmes organised by ENCS in which ENTSO-E and its members participated.

The electricity sector has come under increasing threat from cyber attacks in the past two years.

The first time that a cyber weapon was successfully used against a country’s electricity grid was in December 2015 when the Prykarpattyaoblenergo Control Centre (PCC) in the Ivano-Frankivsk region of Western Ukraine, was targeted.

The cyber attack left 230,000 without power for up to 6 hours and highlighted the significant skill of the hackers who must have been planning the assault for months.

Over the years, numerous types of malware have targeted SCADA systems including Stuxnet, Havex, and BlackEnergy3. The common factor is the malware’s ability to travel through Industrial Control Systems undetected, by exploiting the weakest link in the cyber defence network i.e. people. Malware can pose as a legitimate email but once opened, can cause significant damage.

The power sector has already displayed vulnerability in the face of these attacks and so it must dedicate more resources to closing back doors and training employees to avoid clicking on malicious files, writes Daniel Wagner, Managing Director of Risk Cooperative, in his blog.

Enhanced information sharing, combined with a mandate to swiftly and accurately release information regarding attacks on impacted citizens, provides a sensible foundation for designing a protocol to effectively address future attacks, suggests Wagner.

Related Webinar