Cyberattack on satellites disables control of eleven gigawatts of wind turbines


Some operators of wind power plants in Germany are currently facing a failure of the satellite connection of their plants. The remote monitoring and control of thousands of wind turbines had failed. The reason for the outage has not yet been conclusively determined. However, it is unlikely that hackers specifically attacked German wind turbines. The German Wind Energy Association commented on the incident in an article in the “Handelsblatt”. According to the article, the disruption was caused by the failure of the KA-SAT communication satellite of the operator Viasat.

The affected communication channels are also used by photovoltaic plants. However, there are no reports of disruptions in the solar sector.

According to a Spiegel Magazin report, military communication services also run via the satellites of the operator Viasat. The failure of the wind turbine control system would thus be collateral damage of a cyberattack on a primarily military target. KA-Sat’s network is used by the satellite communications service provider Euroskypark, among others. Wind turbines located in areas without cellular connectivity use satellite-based communications for control and remote monitoring. Communications service provider Euroskypark could not be reached for comment.

It was initially estimated that about 3,000 wind turbines could be affected by the incident. Following the report in “Handelsblatt,” operator Enercon reported that 5800 of its wind turbines with a total capacity of eleven gigawatts used Euroskypark’s communication channels.

The affected wind turbines are also still producing electricity. In the event of a communications breakdown, the plants independently switch to a kind of autopilot. Photovoltaic plants would also fall into a similar state. Supply would not be in danger for the time being.

The German Federal Office for Information Security (BSI) updated its assessment of the cyber threat situation. According to the statement, the agency had activated the national IT crisis response center. In addition, federal administrations, operators of critical infrastructure, organizations and companies were sensitized to increased vigilance and readiness to respond.