The Dark Side of Solar Energy (T20c)
As renewable energy, particularly solar, becomes critical to global energy strategies and a de-facto new critical infrastructure, addressing its cybersecurity risks is essential to safeguarding future energy security. The European grid is designed to withstand sudden load changes of 2-3GW, but solar systems generate significantly more energy. A human error, such as the Crowdstrike incident, in a solar inverter company could result in widespread rolling blackouts across Europe. This talk highlights the vulnerabilities in solar energy systems, which, unlike traditional energy systems, are digital and internet-connected. These systems are comparable to early internet threats, a global infrastructure built without adequate cybersecurity. The talk calls for proactive cyber protections, which currently do not exist within the CRA, NIS 2, and NCCS legal frameworks promoted by the EU. It emphasizes the role of manufacturers in designing cybersecurity into their products to prevent catastrophic attacks on energy grids. Additionally, it underscores the importance of international collaboration and top-down legislation in building resilient, secure renewable energy infrastructures. This perspective is presented as part of SolarPower Europe, where the speaker serves as co-chair of the digitalization workstream and cyber task force lead.

