Cybersecurity Risks to Battery Energy Storage Systems

An energy storage cybersecurity report published recently highlights a situation where a single 100-megawatt-hour (MWh) battery energy storage system (BESS) outage can cause losses of up to US $1.2 million per month. The study outlines the susceptibility of the energy storage grid to cyber security threats, such as ransomware, disruptions of operation, etc.

Financial Impact of Outages

Battery energy storage systems are the next generation power sources that can balance the grid and integrate renewables. If a BESS is forced to disconnect due to a cyberattack or internal fault, operators can be hit with heavy financial penalties, lose revenue, and see their costs increase due to the need to purchase power from alternative sources.

Grid and Renewable Integration Role

Facilities equipped with BESS are able to keep supply and demand in check through the storage of excess renewable energy generated at a later time out of the grid during a period of low demand. Interruptions in these kinds of systems mean less flexibility for the grid and can lead to utilities using more expensive power sources which result in a rise in the total energy costs.

Need for Stronger Cyber Defenses

In the report, this issue is ranked as the highest priority by the sector and appears as the reason why energy companies must take measures for cybersecurity protection seriously and commit to large investments in security. Companies engaged in the energy industry should be ready to respond in time to security breaches which would include steps such as dividing their networks into sections, detecting potential dangers, and checking systems regularly to discourage perpetrators from taking advantage of system pitfalls.

Industry Preparedness

As grid operators transition to more decentralized energy resources, the security of their control systems and communication protocols becomes more and more vital. The results of such studies underscore an even bigger problem, that of industry-wide exigences in terms of setting the rules and regulations that will ensure the safety of the most critical infrastructures in the face of continuous unpredictable attacks by cyber ​‍​‌‍​‍‌​‍​‌‍​‍‌offenders.