The talk will cover the basics of windfarms and their operations, I’ll briefly discuss prior research in this area, noting that those findings are still valid today. Then the core of this talk will focus on identified security threats and their mitigations based on real life assessments. The impact these threats can have both in terms of windfarm operation and the physical damage that can be caused. I will show how physical and remote access to the windfarm can be gained, and by investigating the vulnerabilities found, I will show that there is an over-reliance on security boxes and buzzword solutions that has left general, basic, security hygiene lacking. So much so that that in some cases, not only have systems not been patched, but they were installed insecurely in the first place. I will then discuss the recent 2019 UK outage and the part played by windfarms in that, from the initial outage to their impact on restoration as a result of how micro generation is modelled within control systems.
There will be two key takeaways from this talk. Firstly, I will be busting the myth that ‘cutting off the supply’ is the most interesting attack that can be performed. It is the most likely, and one of the simplest attacks, but it is not the most interesting. Secondly, I will cover a point often glossed over in other talks. When an attacker ‘takes control’ it is often simply left at that, as if taking control was the ‘win condition’. This talk will cover some of the more interesting cyber physical attacks that can be performed on a wind farm and look at some of the ways that actual physical damage could be caused.