Latest news with #ENISA
Yahoo
28-04-2025
- Politics
- Yahoo
What could be behind Europe's power outage
The cause of the collapse in Spain and Portugal's national grids remains uncertain. But experts are already suggesting reasons for the widespread power outages, including equipment fault, a cyber attack, the role of renewables and the weather. Here are some of the key theories as to what may have gone wrong. The cyber security wing of the European Union (EU) has suggested a technical or cable fault could be responsible for the mass power outage across Spain and parts of France and Portugal. Preliminary findings from the the European Union Agency for Cybersecurity (ENISA) have veered away from a cyber security attack. A spokesman said: 'For the moment the investigation seems to point to a technical/cable issue.' The ENISA said it is 'closely monitoring' the situation and remains 'in contact with the relevant authorities at national and EU level'. Early speculation centred on whether power could have been knocked offline by a cyber attack. Spain's INCIBE cybersecurity agency initially said it was investigating the possibility of the blackout being triggered by a cyber attack. Juan Manuel Moreno, the president of the regional government of the Spanish region of Andalucia, said: 'Everything points to a blackout of this magnitude only being due to a cyberattack.' Spanish officials initially said they had not ruled out a cyber attack as the cause of the dramatic outage, with one government source telling Politico: 'A cyberattack has not been ruled out and investigations are ongoing.' However, the Portuguese National Cybersecurity Centre said there was no sign that the outage was caused by a cyberattack. Past cyber attacks on grid infrastructure have been used to cause mass blackouts for hundreds of thousands of people. In December 2015, Russian hackers knocked out the systems of three energy companies in Ukraine, causing blackouts for 230,000 people. The attacks were believed to have been ordered by Russia's intelligence agency and carried out by the Sandworm hacking group. Spy chiefs have long warned that hostile states are targeting Britain's electricity grid and other critical national infrastructure. In April, Peter Kyle, the Technology Secretary, told The Telegraph that briefings from the country's intelligence agencies had left him with a 'deep concern about our ability to keep our country and critical services ... safe'. 'I was really quite shocked at some of the vulnerabilities that we knew existed and yet nothing had been done,' Mr Kyle said. In November, Pat McFadden, the Chancellor of the Duchy of Lancaster, warned that Russian cyber attacks had the capability to 'turn off the lights for millions of people'. Spain is the third-most targeted country by Russian cyber criminals known as 'hacktivists', according to a council report. ZIUR, a cybersecurity centre in the Basque province of Gipuzkoa, said that Spain's government, maritime and financial infrastructures had been regularly compromised by pro-Russian groups. A lack of wind and Spain's reliance on turbines for power could also be a factor in the blackouts. Spain has one of Europe's highest proportions of renewable energy, providing about 56pc of the nation's electricity. More than half of its renewables comes from wind with the rest from solar and other sources. That means Spain's electricity supplies are increasingly reliant on the weather delivering enough wind to balance its grid. For much of the last 24 hours, that wind has been largely missing. The website for example, shows wind speeds of 2-3mph, leaving the country reliant on solar energy and old gas-fired power stations. The weather system that has left Spain bereft of wind is also having similar effects across the rest of Western Europe with the UK, Germany, the Netherlands and others all seeking extra sources of electricity as their wind turbines fall still. France, for example, has been calling on Spain for extra electricity. The UK, which is also increasingly reliant on wind, was on Monday morning struggling to get any turbine power. Instead, it was relying on imports from Europe – with the London and South East receiving 58pc of its power from imports, according to the National Energy System Operator (Neso). The sheer scale of the demands being transmitted between countries and across interconnector cables – especially at a time when wind and other renewable output plummets – may be enough to disrupt grids and power transmission. The large amount of solar power on the Spanish and Portuguese grids may have also left the Iberian power grid more vulnerable to faults or cyber attacks, according to one expert. Generators that have spinning parts, such as those running on gas, coal or hydropower, create what is known as 'inertia', which helps to balance the frequency of power on the grid to prevent faults. Solar panels do not generate inertia on the system, however, and there are known issues with low inertia on the Iberian grid. At about 10am on Monday, roughly two hours before the power cuts, almost 60pc of Spain's power was being generated by solar farms, according to transparency data. Ms Porter said: 'If you have a grid fault, it can cause a frequency imbalance and in a low-inertia environment the frequency can change much faster. 'If you have had a significant grid fault in one area, or a cyber attack, or whatever it may be, the grid operators therefore have less time to react. That can lead to cascading failures if you cannot get it under control quickly enough. 'The growing reliance on solar has pushed inertia on the grid to the point where it does become more difficult to respond to disruptions such as significant transmission faults.' However, she added, if the blackouts were caused by cyber attacks on multiple parts of the grid, more inertia would not have helped. Broaden your horizons with award-winning British journalism. Try The Telegraph free for 1 month with unlimited access to our award-winning website, exclusive app, money-saving offers and more.
Telegraph
28-04-2025
- Politics
- Telegraph
What could be behind Europe's power outage
The cause of the collapse in Spain and Portugal's national grids remains uncertain. But experts are already suggesting reasons for the widespread power outages, including equipment fault, a cyber attack, the role of renewables and the weather. Here are some of the key theories as to what may have gone wrong. Cable fault The cyber security wing of the European Union (EU) has suggested a technical or cable fault could be responsible for the mass power outage across Spain and parts of France and Portugal. Preliminary findings from the the European Union Agency for Cybersecurity (ENISA) have veered away from a cyber security attack. A spokesman said: 'For the moment the investigation seems to point to a technical/cable issue.' The ENISA said it is 'closely monitoring' the situation and remains 'in contact with the relevant authorities at national and EU level'. Cyber attack Early speculation centred on whether power could have been knocked offline by a cyber attack. Spain's INCIBE cybersecurity agency initially said it was investigating the possibility of the blackout being triggered by a cyber attack. Juan Manuel Moreno, the president of the regional government of the Spanish region of Andalucia, said: 'Everything points to a blackout of this magnitude only being due to a cyberattack.' Spanish officials initially said they had not ruled out a cyber attack as the cause of the dramatic outage, with one government source telling Politico: 'A cyberattack has not been ruled out and investigations are ongoing.' However, the Portuguese National Cybersecurity Centre said there was no sign that the outage was caused by a cyberattack. Past cyber attacks on grid infrastructure have been used to cause mass blackouts for hundreds of thousands of people. In December 2015, Russian hackers knocked out the systems of three energy companies in Ukraine, causing blackouts for 230,000 people. The attacks were believed to have been ordered by Russia's intelligence agency and carried out by the Sandworm hacking group. Spy chiefs have long warned that hostile states are targeting Britain's electricity grid and other critical national infrastructure. In April, Peter Kyle, the Technology Secretary, told The Telegraph that briefings from the country's intelligence agencies had left him with a 'deep concern about our ability to keep our country and critical services ... safe'. 'I was really quite shocked at some of the vulnerabilities that we knew existed and yet nothing had been done,' Mr Kyle said. In November, Pat McFadden, the Chancellor of the Duchy of Lancaster, warned that Russian cyber attacks had the capability to 'turn off the lights for millions of people'. Spain is the third-most targeted country by Russian cyber criminals known as 'hacktivists', according to a council report. ZIUR, a cybersecurity centre in the Basque province of Gipuzkoa, said that Spain's government, maritime and financial infrastructures had been regularly compromised by pro-Russian groups. Problems with green energy A lack of wind and Spain's reliance on turbines for power could also be a factor in the blackouts. Spain has one of Europe's highest proportions of renewable energy, providing about 56pc of the nation's electricity. More than half of its renewables comes from wind with the rest from solar and other sources. That means Spain's electricity supplies are increasingly reliant on the weather delivering enough wind to balance its grid. For much of the last 24 hours, that wind has been largely missing. The website for example, shows wind speeds of 2-3mph, leaving the country reliant on solar energy and old gas-fired power stations. The weather system that has left Spain bereft of wind is also having similar effects across the rest of Western Europe with the UK, Germany, the Netherlands and others all seeking extra sources of electricity as their wind turbines fall still. France, for example, has been calling on Spain for extra electricity. The UK, which is also increasingly reliant on wind, was on Monday morning struggling to get any turbine power. Instead, it was relying on imports from Europe – with the London and South East receiving 58pc of its power from imports, according to the National Energy System Operator (Neso). The sheer scale of the demands being transmitted between countries and across interconnector cables – especially at a time when wind and other renewable output plummets – may be enough to disrupt grids and power transmission. The large amount of solar power on the Spanish and Portuguese grids may have also left the Iberian power grid more vulnerable to faults or cyber attacks, according to one expert. Generators that have spinning parts, such as those running on gas, coal or hydropower, create what is known as 'inertia', which helps to balance the frequency of power on the grid to prevent faults. Solar panels do not generate inertia on the system, however, and there are known issues with low inertia on the Iberian grid. At about 10am on Monday, roughly two hours before the power cuts, almost 60pc of Spain's power was being generated by solar farms, according to transparency data. Ms Porter said: 'If you have a grid fault, it can cause a frequency imbalance and in a low-inertia environment the frequency can change much faster. 'If you have had a significant grid fault in one area, or a cyber attack, or whatever it may be, the grid operators therefore have less time to react. That can lead to cascading failures if you cannot get it under control quickly enough. 'The growing reliance on solar has pushed inertia on the grid to the point where it does become more difficult to respond to disruptions such as significant transmission faults.' However, she added, if the blackouts were caused by cyber attacks on multiple parts of the grid, more inertia would not have helped.
Euronews
11-04-2025
- Business
- Euronews
EU Commission starts consultation on revision of cybersecurity rules
ADVERTISEMENT The European Commission on Friday started gathering input to help revise the bloc's cyber rules, which date back to 2019, in line with efforts to simplify existing rules. The review of the Cybersecurity Act (CSA) will focus on the mandate of the EU's cyber agency ENISA, as well as the European Cybersecurity Certification Framework, and addressing ICT supply chain security challenges, the Commission's statement said. Euronews reported last year that the Commission already began seeking feedback from industry and national governments on the functioning and scope of work of ENISA, in a bid to potentially modify the agency's mandate and financial support. The CSA gave ENISA – which has some 100 staff members – a mandate to oversee the implementation of EU-wide cybersecurity rules. But one of its tasks, drafting a voluntary cybersecurity certification for cloud services (EUCS), has not advanced significantly since 2019. Related EU cloud scheme needs more privacy safeguards, French watchdog says Cyber certification to remain on hold despite Polish effort The EUCS is intended to be used by companies to demonstrate that certified ICT solutions have the right level of cybersecurity protection for the EU market, but it turned into a political battle over sovereignty requirements. There have been calls to make the system mandatory under the new CSA. Henna Virkkunen, the EU Commissioner for technology, said that she will carry out a so-called Digital Fitness Check this year which will assess whether all existing tech rules are burdensome to companies, and identify areas for simplification. The consultation comes weeks after Virkkunen said that she wants member states to adopt 5G security rules to protect networks from cyber threats and risks. In 2020, member states agreed to apply restrictions for suppliers considered to be high risk – such as China's Huawei and ZTE – including necessary exclusions, following security concerns, but only a limited number of countries have taken concrete steps to ban the companies. Interested parties, including member state competent authorities, cybersecurity authorities, industry and trade associations can give feedback to the consultation until 20 June.
