Rising Cyber Threats Target US Battery Energy Storage Systems

A new report reveals that battery energy storage systems (BESS) are increasingly vulnerable to cyberattacks from both nation-state actors and criminal groups, demanding immediate action to protect critical infrastructure. The findings, detailed in a white paper by Brattle Group and Dragos, come as BESS deployments are projected to surge between 20% and 45% over the next five years, fueled by growing demand from data centers and the expansion of renewable energy sources.

The escalating risk to these systems is driven by their crucial role in modernizing the power grid and enabling the integration of intermittent energy sources like solar and wind. As these systems become more integral to the nation’s energy infrastructure, they present an increasingly attractive target for malicious actors.

Growing Dependence, Growing Risk

Experts are warning that the rapid expansion of BESS is outpacing the development of adequate security measures. “Battery storage systems are being used across the grid to enable the deployment of variable demand sources such as solar and wind,” explained a field chief technology officer at Dragos. “This growing dependence makes them an attractive target.”

The potential economic consequences of successful attacks are substantial. According to the report, a four-hour outage affecting a 100-megawatt system in the U.S. could result in up to $1.2 million in lost revenue. A larger-scale disruption impacting 100,000 customers and 3,000 megawatt-hours of power for a single day could inflict an economic impact of $39 million.

Nation-State Actors and Advanced Tactics

The threat landscape is complex, with Dragos currently tracking approximately 18 groups known to pose a risk to the electrical grid. Some of these groups have a history of targeting utilities, while others possess the capabilities to launch impactful attacks.

Of particular concern is the activity of groups like Volt Typhoon – tracked by Dragos as Voltzyte – which are believed to be positioning themselves to potentially disrupt U.S. critical infrastructure as a diversionary tactic in the event of a military conflict in the Asia-Pacific region. These groups are employing increasingly sophisticated techniques, including the development of malware designed to manipulate industrial control systems.

Furthermore, some actors are utilizing a tactic known as “living off the land,” which involves concealing malicious activity by leveraging existing technologies within a system. This makes detection significantly more challenging.

Industry Concerns and Future Outlook

Concerns regarding the security of energy storage systems were previously highlighted during a panel discussion hosted by the Clean Energy States Alliance, underscoring the growing awareness of this critical vulnerability within the industry.

The convergence of increasing demand for battery energy storage and the escalating sophistication of cyber threats presents a significant challenge for policymakers and industry stakeholders. Proactive measures are essential to safeguard the nation’s energy infrastructure and ensure the continued reliability of the power grid. Addressing these vulnerabilities will require a concerted effort to enhance cybersecurity protocols, improve threat intelligence sharing, and invest in advanced security technologies.