In recent years, news about cyberattacks on critical infrastructure, data breaches, and network instability has become increasingly frequent.
In an increasingly digital and interconnected world, the number of devices and vulnerable points is growing exponentially.
When these attacks target vital sectors such as energy, the consequences can be disastrous, not only in financial terms, but also for the safety of the entire population.
The electricity sector, in particular, is one of the areas most vulnerable to cyberattacks. In the first half of 2025 alone, CCEE (Chamber of Electric Energy Commercialization) reported having neutralized more than 539 million attempted digital attacks..
Vulnerability in the electricity sector
According to Leonardo Gomes Tavares, a researcher at Lactec (Institute of Technology for Development), the digitization and interconnection of critical devices — such as sensors, RTUs (remote units), and IEDs (intelligent electronic devices) — have increased the exposure of networks.
"I believe that the main challenge for distributors lies in the vulnerability of legacy assets that still make up a large part of the infrastructure," he said.
According to the researcher, many field devices were designed with a focus on availability and reliability, but without cybersecurity requirements.
"Furthermore, the increasing integration of these devices (old or modern) into the network expands the so-called attack surface, that is, the set of potential points susceptible to exploitation by malicious agents," he emphasized.
Tavares adds that many of these technologies still use legacy protocols, lacking mechanisms to protect against attacks. Furthermore, the challenge is to implement updates without compromising the continuous supply of energy, which requires rigorous planning and significant investment.
The researcher explains that this process requires rigorous planning and consideration of costs, since any failure can directly affect the population and the economy.
Another critical point is the obsolescence of older protocols. Many devices still operate with vulnerable systems and have no direct replacements.
This implies the need for comprehensive upgrades to hardware, software, and communication platforms—all of which are costly and complex. Furthermore, replacing these devices requires new testing and rigorous certifications to ensure that the new systems are secure and efficient.
Tavares warns of the challenge of balancing technological innovation and maintaining existing infrastructure, which requires a gradual, careful process and significant investment to modernize the electricity sector without compromising its operation.
“Generally, attacks seek access to confidential information. In operational environments, these leaks affect not only privacy, but also business strategies and the competitiveness of companies, even causing instability in essential services such as energy, transportation, or healthcare. It is crucial to pay attention to this, as it can jeopardize the safety of workers and the general population,” he explained.
-
The challenge of balancing technological innovation and infrastructure requires a gradual and careful process. Photo: Canva
Smart grids
The modernization of electrical systems imposes new security challenges. Smart grids, intelligent electrical networks that connect generation, consumption, and storage in real time, require robust authentication and encryption protocols to prevent interception and unauthorized alterations.
The researcher emphasizes that communication protocols with authentication and encryption are essential to guarantee the integrity and confidentiality of data, protecting networks against unauthorized interception or alteration, a considerable risk in interconnected digital environments.
“Practices such as segmenting corporate and operational networks, using profile-based access controls, and real-time monitoring of security events are fundamental. Finally, the application of periodic firmware updates and security testing also contribute to strengthening protection against cyber threats,” he stated.
The researcher emphasizes that modernizing the electrical infrastructure is inevitable, but it must occur gradually and in a coordinated manner, balancing innovation with the operational stability of the networks.
Battery storage
The advancement of energy storage systems adds a new layer of complexity to cybersecurity. According to Tavares, batteries can also be targeted by attacks that alter charge and discharge cycles, accelerate degradation, or compromise grid stability.
Therefore, the security of these systems needs to be treated with the same priority as smart grids, since an attack could affect the performance of the entire electrical infrastructure.
He points out that these systems, when integrated into smart infrastructure, can become vulnerable to unauthorized access, which could compromise their operation.
Specifically, attackers could exploit security flaws to alter charge and discharge cycles, accelerating battery degradation or even affecting the stability of the power grid.
For the researcher, it is essential to adopt authentication, encryption, and continuous monitoring protocols in these systems.
These measures are fundamental not only to protect energy storage systems, but also to strengthen the security of the entire interconnected electrical grid.
all the content of Canal Solar is protected by copyright law, and partial or total reproduction of this site in any medium is expressly prohibited. If you are interested in collaborating or reusing part of our material, please contact us by email: redacao@canalsolar.com.br.
