It’s hard to imagine the relationship between climate change and cybersecurity, but there are several reasons why industry professionals should pay attention to this existential threat.
Chloe Messdaghi, CEO and founder of Global Secure Partners, emphasized the relationship between the two, saying that the relationship between climate change and cybersecurity is “complex and multifaceted.”
She argued that climate change is increasing the opportunities for cyber threat actors to attack.
Like all critical infrastructure, the green energy sector can be severely impacted by cyberattacks. In 2021, Vestas Wind Systems, the world’s largest wind turbine manufacturer, was forced to shut down his IT systems in multiple locations following a cyber incident.
These new energy sources are often not hardened to combat cyberthreats and therefore rely on new technologies that are often particularly vulnerable to attack. For example, Mesdagi pointed out that electric vehicles will need a network of charging points. It must be connected to a grid and operated by a central system, making it a potential target for attackers.
“As our world transitions to clean energy, new systems will be developed and implemented, creating new cybersecurity risks,” said Messdaghi.
Messdaghi pointed out that climate change could create more cyber risks in global supply chains, especially in industries dependent on raw materials, energy and transportation. This can lead to these companies turning to alternative suppliers and adopting new technologies, thus creating new vulnerabilities that can be exploited.
Frequent extreme weather events such as hurricanes and tsunamis expose critical digital systems to greater physical hazards, such as damage to underwater communication cables and offsite servers. As a result, Internet connectivity is interrupted, leaving systems open to attack, Mesagi said. This has already been demonstrated in events such as Hurricane His Sandy.
According to Messaghi, other indirect causes of increased cyberattacks due to climate change include a further increase in remote work due to extreme weather events.
The other is increased geopolitical instability due to famine and the movement of people due to rising temperatures. This environment could heighten tensions between nation states, which could result in an increase in espionage cyberattacks targeting critical infrastructure in rival nations.
Messdaghi said this is not a topic currently being discussed in the cybersecurity industry, saying, “We are not ready for it.”
Organizations, recognizing increased cyber risks as a result of climate change, need to build more resilience into their systems, especially when adopting systems that promote green technologies, Messdaghi said. The starting point is to make this reality a point of frequent discussion in the industry going forward.
